Side-Channel Data Leakage in AMD Processors Affecting JavaScript Execution
CVE-2017-5926

7.5HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
27 February 2017

Summary

A security vulnerability in certain AMD processors allows for a side-channel attack through page table walks executed by the Memory Management Unit (MMU). This process unintentionally retains traces in the last level cache, which can be exploited to leak sensitive data and code pointers during JavaScript execution. This breach undermines Address Space Layout Randomization (ASLR), exposing systems to potential exploitation by malicious actors.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.