CVE-2024-7883 – Arm Cortex-M Security Extensions (CMSE) Floating-Point Registers Leaky Secure Stack (Vendor/ProductName Secure Stack Confidentiality Leakage)

10月 31, 2024
6:17 pm

CVE ID : CVE-2024-7883

Published : Oct. 31, 2024, 5:15 p.m. | 1 hour, 1 minute ago

Description : When using Arm Cortex-M Security Extensions (CMSE), Secure stack
contents can be leaked to Non-secure state via floating-point registers
when a Secure to Non-secure function call is made that returns a
floating-point value and when this is the first use of floating-point
since entering Secure state. This allows an attacker to read a limited
quantity of Secure stack contents with an impact on confidentiality.
This issue is specific to code generated using LLVM-based compilers.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-7883 – Arm Cortex-M Security Extensions (CMSE) Floating-Point Registers Leaky Secure Stack (Vendor/ProductName Secure Stack Confidentiality Leakage)

Elvescore.io

Recent Posts

CVE-2025-22275 – iTerm2 Information Disclosure

CVE-2024-11624 – “VPN App Vulnerability – Undeclared Permission Privilege Escalation”

CVE-2024-47032 – LWIS Memory Corruption Vulnerability

CVE-2024-53833 – Apache LWis Out-of-Bounds Write Local Privilege Escalation

CVE-2024-53834 – Android SMS to-string Out-of-Bounds Read Vulnerability

CVE-2024-53835 – Apache Biometric Bypass Privilege Escalation Vulnerability

CVE-2024-7883 – Arm Cortex-M Security Extensions (CMSE) Floating-Point Registers Leaky Secure Stack (Vendor/ProductName Secure Stack Confidentiality Leakage)

CVE-2024-7883 – Arm Cortex-M Security Extensions (CMSE) Floating-Point Registers Leaky Secure Stack (Vendor/ProductName Secure Stack Confidentiality Leakage)