VDB

DEBIAN-CVE-2023-52481

DEBIAN-CVE-2023-52481 PUBLISHED CVSS 4.699999809265137 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load might leak data from a privileged load via a cache side channel. The issue only exists for loads within a translation regime with the same translation (e.g. same ASID and VMID). Therefore, the issue only affects the return to EL0. The workaround is to execute a TLBI before returning to EL0 after all loads of privileged data. A non-shareable TLBI to any address is sufficient. The workaround isn't necessary if page table isolation (KPTI) is enabled, but for simplicity it will be. Page table isolation should normally be disabled for Cortex-A520 as it supports the CSV3 feature and the E0PD feature (used when KASLR is enabled).

Risk Scores

CVSS 3.1
4.699999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Affected Products

VendorProductVersions
Debian:12linux*, 6.1.27-1, *
Debian:11linux*, 5.17.11-1, 5.10.216-1
Debian:13linux0, 0, 0
Debian:14linux0, 0, 0

Timeline

  • Feb 29, 2024 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›