Tag Archives: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

CWE-1312 – Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

Read Time:30 Second

Description

The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-284
CWE-1251

 

Consequences

Confidentiality, Integrity, Access Control: Modify Memory, Read Memory, Bypass Protection Mechanism

 

Potential Mitigations

Phase: Architecture and Design

Description: 

The fabric firewall should apply the same protections as the original region to the mirrored regions.

Phase: Implementation

Description: 

The fabric firewall should apply the same protections as the original region to the mirrored regions.

CVE References