Search criteria
9 vulnerabilities found for e-350 by amd
VAR-201702-0604
Vulnerability from variot - Updated: 2025-04-20 23:37Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. ARM Cortex A53 and so on are CPU processors of British ARM company.
There are security vulnerabilities in many ARM processors. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Little is known about this issue or its effects at this time. We will update this BID as more information emerges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0604",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "exynos 5800",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "atom c2750",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fx-8320 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "fx-8120 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "celeron n2840",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "a64",
"scope": "eq",
"trust": 1.0,
"vendor": "allwinner",
"version": null
},
{
"model": "core i7-6700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "e-350",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "phenom 9550 4-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "core i7-4500u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fx-8350 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "core i7-2620qm",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-3632qm",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7 920",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "tegra k1 cd580m-a1",
"scope": "eq",
"trust": 1.0,
"vendor": "nvidia",
"version": null
},
{
"model": "core i5 m480",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "tegra k1 cd570m-a1",
"scope": "eq",
"trust": 1.0,
"vendor": "nvidia",
"version": null
},
{
"model": "athlon ii 640 x4",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "athlon ii 640 x4",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "e-350",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8120 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8320 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8350 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "phenom 9550 4-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "a64",
"scope": null,
"trust": 0.8,
"vendor": "allwinner",
"version": null
},
{
"model": "tegra k1 cd570m-a1",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "tegra k1 cd580m-a1",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "atom c2750",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2840",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i5 m480",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7 920",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-2620qm",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-3632qm",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-4500u",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6700k",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v2",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "exynos 5800",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "cortex a53",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:amd:athlon_ii_640_x4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:e-350",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8120_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8320_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8350_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:phenom_9550_4-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allwinner:a64",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nvidia:tegra_k1_cd570m-a1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nvidia:tegra_k1_cd580m-a1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:atom_c2750",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:celeron_n2840",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i5_m480",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7_920",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-2620qm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-3632qm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-4500u",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-6700k",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon_e3-1240_v5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon_e5-2658_v2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:samsung:exynos_5800",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "B. Gras, K. Razavi, E. Bosman, H. Bos, C. Giuffrida,",
"sources": [
{
"db": "BID",
"id": "96459"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5927",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5927",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-03136",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114130",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5927",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5927",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5927",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-03136",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-924",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114130",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"db": "VULHUB",
"id": "VHN-114130"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. ARM Cortex A53 and so on are CPU processors of British ARM company. \n\nThere are security vulnerabilities in many ARM processors. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. \nLittle is known about this issue or its effects at this time. We will update this BID as more information emerges",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5927"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"db": "BID",
"id": "96459"
},
{
"db": "VULHUB",
"id": "VHN-114130"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5927",
"trust": 3.4
},
{
"db": "BID",
"id": "96459",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-03136",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201702-924",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114130",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"db": "VULHUB",
"id": "VHN-114130"
},
{
"db": "BID",
"id": "96459"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"id": "VAR-201702-0604",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-114130"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:37:59.028000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Multiple ARM Processor Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/90740"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03136"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114130"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/96459"
},
{
"trust": 1.7,
"url": "https://www.vusec.net/projects/anc"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5927"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5927"
},
{
"trust": 0.8,
"url": "https://www.vusec.net/projects/anc/"
},
{
"trust": 0.3,
"url": "http://www.intel.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"db": "VULHUB",
"id": "VHN-114130"
},
{
"db": "BID",
"id": "96459"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"db": "VULHUB",
"id": "VHN-114130"
},
{
"db": "BID",
"id": "96459"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"date": "2017-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-114130"
},
{
"date": "2017-02-27T00:00:00",
"db": "BID",
"id": "96459"
},
{
"date": "2017-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"date": "2017-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"date": "2017-02-27T07:59:00.237000",
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-03136"
},
{
"date": "2017-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-114130"
},
{
"date": "2017-03-07T01:08:00",
"db": "BID",
"id": "96459"
},
{
"date": "2017-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001750"
},
{
"date": "2017-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-924"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5927"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ARM Vulnerabilities that allow side-channel attacks in processors",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001750"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-924"
}
],
"trust": 0.6
}
}
VAR-201702-0602
Vulnerability from variot - Updated: 2025-04-20 23:34Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Multiple Intel Processor is prone to local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. Intel Core i7 920 and so on are the CPU processors of Intel Corporation of the United States. The following products are affected: Intel Core i7 920; Intel Core i5 M480; Intel Core i7-2620QM; Intel Core i7-3632QM; Intel Core i7-4500U; Intel Atom C2750; Intel Xeon E5-2658 v2; i7-6700K; Intel Xeon E3-1240 v5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0602",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "core i5 m480",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "core i7 920",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "atom c2750",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fx-8320 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "fx-8120 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "celeron n2840",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "a64",
"scope": "eq",
"trust": 1.0,
"vendor": "allwinner",
"version": null
},
{
"model": "core i7-6700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "e-350",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "phenom 9550 4-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "core i7-4500u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fx-8350 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "core i7-2620qm",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-3632qm",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "tegra k1 cd580m-a1",
"scope": "eq",
"trust": 1.0,
"vendor": "nvidia",
"version": null
},
{
"model": "exynos 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": null
},
{
"model": "tegra k1 cd570m-a1",
"scope": "eq",
"trust": 1.0,
"vendor": "nvidia",
"version": null
},
{
"model": "athlon ii 640 x4",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "athlon ii 640 x4",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "e-350",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8120 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8320 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8350 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "phenom 9550 4-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "a64",
"scope": null,
"trust": 0.8,
"vendor": "allwinner",
"version": null
},
{
"model": "tegra k1 cd570m-a1",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "tegra k1 cd580m-a1",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "atom c2750",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2840",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i5 m480",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7 920",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-2620qm",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-3632qm",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-4500u",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6700k",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v2",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "exynos 5800",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:amd:athlon_ii_640_x4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:e-350",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8120_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8320_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8350_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:phenom_9550_4-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allwinner:a64",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nvidia:tegra_k1_cd570m-a1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nvidia:tegra_k1_cd580m-a1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:atom_c2750",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:celeron_n2840",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i5_m480",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7_920",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-2620qm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-3632qm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-4500u",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-6700k",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon_e3-1240_v5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon_e5-2658_v2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:samsung:exynos_5800",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "B. Gras, K. Razavi, E. Bosman, H. Bos, C. Giuffrida,",
"sources": [
{
"db": "BID",
"id": "96452"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5925",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5925",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114128",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5925",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5925",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5925",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-926",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114128",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114128"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Multiple Intel Processor is prone to local security-bypass vulnerability. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. \nLittle is known about this issue or its effects at this time. We will update this BID as more information emerges. Intel Core i7 920 and so on are the CPU processors of Intel Corporation of the United States. The following products are affected: Intel Core i7 920; Intel Core i5 M480; Intel Core i7-2620QM; Intel Core i7-3632QM; Intel Core i7-4500U; Intel Atom C2750; Intel Xeon E5-2658 v2; i7-6700K; Intel Xeon E3-1240 v5",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5925"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "BID",
"id": "96452"
},
{
"db": "VULHUB",
"id": "VHN-114128"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5925",
"trust": 2.8
},
{
"db": "BID",
"id": "96452",
"trust": 2.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-926",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-114128",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114128"
},
{
"db": "BID",
"id": "96452"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"id": "VAR-201702-0602",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-114128"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:34:29.125000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114128"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"trust": 1.7,
"url": "https://www.vusec.net/projects/anc"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/96452"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5925"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5925"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/96452/info"
},
{
"trust": 0.8,
"url": "https://www.vusec.net/projects/anc/"
},
{
"trust": 0.3,
"url": "http://www.intel.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114128"
},
{
"db": "BID",
"id": "96452"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-114128"
},
{
"db": "BID",
"id": "96452"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-114128"
},
{
"date": "2017-02-27T00:00:00",
"db": "BID",
"id": "96452"
},
{
"date": "2017-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"date": "2017-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"date": "2017-02-27T07:59:00.143000",
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-114128"
},
{
"date": "2017-03-07T01:08:00",
"db": "BID",
"id": "96452"
},
{
"date": "2017-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001748"
},
{
"date": "2017-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-926"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5925"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel processor side channel attack vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001748"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-926"
}
],
"trust": 0.6
}
}
VAR-201702-0603
Vulnerability from variot - Updated: 2025-04-20 23:32Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Multiple AMD Processor are prone to local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. AMD Phenom 9550 4-Core and so on are the processor products of American AMD Company. The following products are affected: AMD Phenom 9550 4-Core; AMD E-350; AMD Athlon II 640 X4; AMD FX-8120 8-Core; AMD FX-8320 8-Core; AMD FX-8350 8-Core
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0603",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "core i7 920",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "atom c2750",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fx-8320 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "fx-8120 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "celeron n2840",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "a64",
"scope": "eq",
"trust": 1.0,
"vendor": "allwinner",
"version": null
},
{
"model": "core i7-6700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "e-350",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "phenom 9550 4-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "core i7-4500u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fx-8350 8-core",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "core i7-2620qm",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-3632qm",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "tegra k1 cd580m-a1",
"scope": "eq",
"trust": 1.0,
"vendor": "nvidia",
"version": null
},
{
"model": "core i5 m480",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "exynos 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": null
},
{
"model": "tegra k1 cd570m-a1",
"scope": "eq",
"trust": 1.0,
"vendor": "nvidia",
"version": null
},
{
"model": "athlon ii 640 x4",
"scope": "eq",
"trust": 1.0,
"vendor": "amd",
"version": null
},
{
"model": "athlon ii 640 x4",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "e-350",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8120 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8320 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "fx-8350 8-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "phenom 9550 4-core",
"scope": null,
"trust": 0.8,
"vendor": "advanced micro devices amd",
"version": null
},
{
"model": "a64",
"scope": null,
"trust": 0.8,
"vendor": "allwinner",
"version": null
},
{
"model": "tegra k1 cd570m-a1",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "tegra k1 cd580m-a1",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "atom c2750",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2840",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i5 m480",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7 920",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-2620qm",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-3632qm",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-4500u",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6700k",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v2",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "exynos 5800",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:amd:athlon_ii_640_x4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:e-350",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8120_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8320_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:fx-8350_8-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:amd:phenom_9550_4-core",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allwinner:a64",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nvidia:tegra_k1_cd570m-a1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nvidia:tegra_k1_cd580m-a1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:atom_c2750",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:celeron_n2840",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i5_m480",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7_920",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-2620qm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-3632qm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-4500u",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i7-6700k",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon_e3-1240_v5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon_e5-2658_v2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:samsung:exynos_5800",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "B. Gras, K. Razavi, E. Bosman, H. Bos, C. Giuffrida,",
"sources": [
{
"db": "BID",
"id": "96457"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5926",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5926",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114129",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5926",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5926",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5926",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-925",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114129",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Multiple AMD Processor are prone to local security-bypass vulnerability. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. \nLittle is known about this issue or its effects at this time. We will update this BID as more information emerges. AMD Phenom 9550 4-Core and so on are the processor products of American AMD Company. The following products are affected: AMD Phenom 9550 4-Core; AMD E-350; AMD Athlon II 640 X4; AMD FX-8120 8-Core; AMD FX-8320 8-Core; AMD FX-8350 8-Core",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5926"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "BID",
"id": "96457"
},
{
"db": "VULHUB",
"id": "VHN-114129"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5926",
"trust": 2.8
},
{
"db": "BID",
"id": "96457",
"trust": 2.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-925",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114129",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114129"
},
{
"db": "BID",
"id": "96457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"id": "VAR-201702-0603",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-114129"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:32:16.233000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/96457"
},
{
"trust": 1.7,
"url": "https://www.vusec.net/projects/anc"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5926"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5926"
},
{
"trust": 0.8,
"url": "https://www.vusec.net/projects/anc/"
},
{
"trust": 0.3,
"url": "http://www.intel.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114129"
},
{
"db": "BID",
"id": "96457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-114129"
},
{
"db": "BID",
"id": "96457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-114129"
},
{
"date": "2017-02-27T00:00:00",
"db": "BID",
"id": "96457"
},
{
"date": "2017-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"date": "2017-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"date": "2017-02-27T07:59:00.207000",
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-114129"
},
{
"date": "2017-03-07T01:08:00",
"db": "BID",
"id": "96457"
},
{
"date": "2017-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001749"
},
{
"date": "2017-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-925"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5926"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AMD Vulnerabilities that allow side-channel attacks in processors",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001749"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-925"
}
],
"trust": 0.6
}
}
CVE-2017-5927 (GCVE-0-2017-5927)
Vulnerability from nvd – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
},
{
"name": "96459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
},
{
"name": "96459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
},
{
"name": "96459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5927",
"datePublished": "2017-02-27T07:25:00",
"dateReserved": "2017-02-07T00:00:00",
"dateUpdated": "2024-08-05T15:18:48.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5926 (GCVE-0-2017-5926)
Vulnerability from nvd – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "96457",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96457"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "96457",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96457"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "96457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96457"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5926",
"datePublished": "2017-02-27T07:25:00",
"dateReserved": "2017-02-07T00:00:00",
"dateUpdated": "2024-08-05T15:18:48.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5925 (GCVE-0-2017-5925)
Vulnerability from nvd – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96452",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96452"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96452",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96452"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96452"
},
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5925",
"datePublished": "2017-02-27T07:25:00",
"dateReserved": "2017-02-07T00:00:00",
"dateUpdated": "2024-08-05T15:18:48.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5925 (GCVE-0-2017-5925)
Vulnerability from cvelistv5 – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96452",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96452"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96452",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96452"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96452"
},
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5925",
"datePublished": "2017-02-27T07:25:00",
"dateReserved": "2017-02-07T00:00:00",
"dateUpdated": "2024-08-05T15:18:48.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5926 (GCVE-0-2017-5926)
Vulnerability from cvelistv5 – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "96457",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96457"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "96457",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96457"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "96457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96457"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5926",
"datePublished": "2017-02-27T07:25:00",
"dateReserved": "2017-02-07T00:00:00",
"dateUpdated": "2024-08-05T15:18:48.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5927 (GCVE-0-2017-5927)
Vulnerability from cvelistv5 – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
},
{
"name": "96459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
},
{
"name": "96459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
},
{
"name": "96459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5927",
"datePublished": "2017-02-27T07:25:00",
"dateReserved": "2017-02-07T00:00:00",
"dateUpdated": "2024-08-05T15:18:48.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}