CWE-1421 vulnerability list (3)

Summary of 3 CVE vulnerabilities for weakness class CWE-1421, with AI analysis in Chinese.

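CWE-1421 is a microarchitectural side-channel weakness that arises during transient execution. An attacker uses the processor's transient operations to access architecturally restricted data through microarchitectural structures such as shared caches, and so establishes a covert channel to steal sensitive information. Developers need to ensure that microarchitectural isolation mechanisms are effective, update processor microcode regularly to patch vulnerabilities, and enforce strict data access control and memory isolation policies at the application layer to prevent sensitive data from leaking through side channels.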

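MITRE CWE official description
CWE: CWE-1421 Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
English: A processor event may allow transient operations to access architecturally restricted data (for example, in another address space) in a shared microarchitectural structure (for example, a CPU cache), potentially exposing the data over a covert channel.

Many commodity processors have Instruction Set Architecture (ISA) features that protect software components from one another. These features can include memory segmentation, virtual memory, privilege rings, trusted execution environments, and virtual machines. For example, virtual memory provides each process with its own address space, which prevents processes from accessing each other's private data. Many of these features can be used to form hardware-enforced security boundaries between software components.

Many commodity processors also share microarchitectural resources that cache (temporarily store) data, which may be confidential. These resources may be shared across processor contexts, including across simultaneous multithreading (SMT) threads, privilege rings, or other contexts.

When transient operations allow access to ISA-protected data in a shared microarchitectural resource, this might violate users' security expectations of the ISA feature that is bypassed. For example, if transient operations can access a victim's private data in a shared microarchitectural resource, then the microarchitectural side effects of those operations may correspond to the accessed data. If an attacker can trigger these transient operations and observe their side effects through a covert channel [REF-1400], then the attacker may be able to infer the victim's private data. Private data could include sensitive program data, operating system/virtual machine monitor (OS/VMM) data, page table data (such as memory addresses), system configuration data (see Demonstrative Example 3), or any other data that the attacker does not have the required privileges to access.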
Common consequences (1)
Confidentiality: Read Memory
Mitigations (5)
Architecture and Design: Hardware designers may choose to engineer the processor's pipeline to prevent architecturally restricted data from being used by operations that can execute transiently.
Effectiveness: High
Architecture and Design: Hardware designers may choose not to share microarchitectural resources that can contain sensitive data, such as fill buffers and store buffers.
Effectiveness: Moderate
Architecture and Design: Hardware designers may choose to sanitize specific microarchitectural state (for example, store buffers) when the processor transitions to a different context, such as whenever a system call is invoked. Alternatively, the hardware may expose instruction(s) that allow software to sanitize microarchitectural state according to the user or system administrator's threat model. …
Effectiveness: Moderate
Architecture and Design: The hardware designer can attempt to prevent transient execution from causing observable discrepancies in specific covert channels.
Effectiveness: Limited
Architecture and Design: Software architects may design software to enforce strong isolation between different contexts. For example, kernel page table isolation (KPTI) mitigates the Meltdown vulnerability [REF-1401] by separating user-mode page tables from kernel-mode page tables, which prevents user-mode processes from using Meltdown to transiently access kernel memory [REF-1404].
Effectiveness: Limited
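
A defender-side check for the software mitigations listed above (an added example, not part of the original page or of MITRE's entry): on Linux the kernel reports per-issue mitigation status under /sys/devices/system/cpu/vulnerabilities, and this script flags entries that are unmitigated or still exposed across SMT siblings. The sample status strings are constructed, and the function names are this example's own.

```python
from pathlib import Path

SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# Constructed sample in the format the Linux kernel reports; not from a real host.
SAMPLE = {
    "meltdown": "Mitigation: PTI",
    "mds": "Mitigation: Clear CPU buffers; SMT vulnerable",
    "l1tf": "Not affected",
    "spec_store_bypass": "Vulnerable",
}

def classify(status):
    """Map one sysfs status line to (state, smt_exposed)."""
    text = status.strip()
    if text.startswith("Not affected"):
        state = "not_affected"
    elif text.startswith("Mitigation:"):
        state = "mitigated"
    elif text.startswith("Vulnerable"):
        state = "vulnerable"
    else:
        state = "unknown"
    # Detail after ';' can report residual exposure between sibling threads.
    details = [part.strip().lower() for part in text.split(";")[1:]]
    return state, "smt vulnerable" in details

def audit(entries):
    """Return, sorted, the issue names that still need attention."""
    findings = []
    for name, status in sorted(entries.items()):
        state, smt_exposed = classify(status)
        if state in ("vulnerable", "unknown") or smt_exposed:
            findings.append(name)
    return findings

def read_sysfs(directory=SYSFS_DIR):
    """Read live values on a Linux host; returns {} where the directory is absent."""
    if not directory.is_dir():
        return {}
    return {p.name: p.read_text().strip() for p in directory.iterdir() if p.is_file()}

if __name__ == "__main__":
    entries = read_sysfs() or SAMPLE  # fall back to the constructed sample
    for name in audit(entries):
        print(f"{name}: {entries[name]}")
```

An entry that reports a mitigation but also "SMT vulnerable" is flagged because buffers shared between sibling hardware threads remain a cross-context path until SMT is disabled or otherwise mitigated.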
Code examples (2)
Some processors may perform access control checks in parallel with memory read/write operations. For example, when a user-mode program attempts to read data from memory, the processor may also need to check whether the memory address is mapped into user space or kernel space. If the processor performs the access concurrently with the check, then the access may be able to transi…
```
; rcx = kernel address, rbx = probe array
xor rax, rax                ; set rax to 0
retry:
mov al, byte [rcx]          ; attempt to read kernel memory
shl rax, 0xc                ; multiply result by page size (4KB)
jz retry                    ; if the result is zero, try again
mov rbx, qword [rbx + rax]  ; transmit result over a cache covert channel
```
Bad · x86 Assembly
Many commodity processors share microarchitectural fill buffers between sibling hardware threads on simultaneous multithreaded (SMT) processors. Fill buffers can serve as temporary storage for data that passes to and from the processor's caches. Microarchitectural Fill Buffer Data Sampling (MFBDS) is a vulnerability that can allow a hardware thread to access its sibling's priva…
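| CVE ID | Title | CVSS | Risk level | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-36357 | AMD Processors security vulnerability — AMD EPYC™ 7003 Series Processors | 5.6 | Medium | 2025-07-08 |
| CVE-2024-36350 | AMD Processors security vulnerability — AMD EPYC™ 7003 Series Processors | 5.6 | Medium | 2025-07-08 |
| CVE-2024-38296 | Dell Edge Gateway 5200 security vulnerability — Edge Gateway 5200 | 6.7 | Medium | 2024-11-22 |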

CWE-1421 is a common weakness class; this platform lists 3 CVE vulnerabilities associated with it.