Side-Channel Vulnerability in ARM Processors Affecting JavaScript Execution
CVE-2017-5927

7.5HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
27 February 2017

Summary

Modern ARM processors are susceptible to a side-channel attack that exploits the page table walks conducted by the Memory Management Unit (MMU) during virtual to physical address translation. This vulnerability allows an attacker to leak sensitive data and code pointers from JavaScript applications by analyzing the traces left in the last level cache. Such an attack can potentially compromise Address Space Layout Randomization (ASLR) techniques, undermining the security of affected systems and applications.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.