VDB
DEBIAN-CVE-2024-5660
DEBIAN-CVE-2024-5660
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass of Stage-2 translation and/or GPT protection.
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | arm-trusted-firmware | *, 2.9.0+dfsg-2, 2.9.0+dfsg-3 |
| Debian:14 | arm-trusted-firmware | 0, 0 |
| Debian:12 | arm-trusted-firmware | 2.10.10+dfsg-1, 2.12.0+dfsg-1, 2.12.0+dfsg-2 |
| Debian:13 | arm-trusted-firmware | 0, 0 |
Exploit Intelligence
- cortex_a710.S (github-poc)
- cortex_a710.S (github-poc)
- neoverse_v2.S (github-poc)
- neoverse_v2.S (github-poc)
- neoverse_v3.S (github-poc)
- neoverse_v3.S (github-poc)
- neoverse_v3.S (github-poc)
- cortex_x4.S (github-poc)
- cortex_x4.S (github-poc)
- cortex_x3.S (github-poc)
…and 22 more exploits
Timeline
- Dec 10, 2024 CVE Published
- Apr 28, 2026 CVE Updated