Side-Channel Data Leakage in AMD Processors Affecting JavaScript Execution
CVE-2017-5926
7.5HIGH
Summary
A security vulnerability in certain AMD processors allows for a side-channel attack through page table walks executed by the Memory Management Unit (MMU). This process unintentionally retains traces in the last level cache, which can be exploited to leak sensitive data and code pointers during JavaScript execution. This breach undermines Address Space Layout Randomization (ASLR), exposing systems to potential exploitation by malicious actors.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved