CVE-2024-5660

Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass of Stage-2 translation and/or GPT protection.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ArmCNA
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
armcortex-a710_firmware
-
armcortex-a77_firmware
-
armcortex-a78_firmware
-
armcortex-a78ae_firmware
-
armcortex-a78c_firmware
-
armcortex-x1_firmware
-
armcortex-x1c_firmware
-
armcortex-x2_firmware
-
armcortex-x3_firmware
-
armcortex-x4_firmware
-
armcortex-x925_firmware
-
armneoverse_n2_firmware
-
armneoverse-v1_firmware
-
armneoverse-v2_firmware
-
armneoverse-v3_firmware
-
armneoverse-v3ae_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660