Side-Channel Vulnerability in ARM Processors Affecting JavaScript Execution
CVE-2017-5927
7.5HIGH
Summary
Modern ARM processors are susceptible to a side-channel attack that exploits the page table walks conducted by the Memory Management Unit (MMU) during virtual to physical address translation. This vulnerability allows an attacker to leak sensitive data and code pointers from JavaScript applications by analyzing the traces left in the last level cache. Such an attack can potentially compromise Address Space Layout Randomization (ASLR) techniques, undermining the security of affected systems and applications.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved