OpenCVE

In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Arm	Armv8-m Armv8-m Firmware

Configuration 1 [-]

AND

cpe:2.3:o:arm:armv8-m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:arm:armv8-m:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-11-12T18:53:45

Updated: 2024-08-04T13:37:54.222Z

Reserved: 2020-08-03T00:00:00

Link: CVE-2020-16273

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-11-12T19:15:14.583

Modified: 2024-11-21T05:07:04.670

Link: CVE-2020-16273

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-12T18:53:45", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-16273", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing", "refsource": "CONFIRM", "url": "https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:37:54.222Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-16273", "datePublished": "2020-11-12T18:53:45", "dateReserved": "2020-08-03T00:00:00", "dateUpdated": "2024-08-04T13:37:54.222Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:armv8-m_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C074E97-5B10-40DC-B412-FBC2EE869816", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:armv8-m:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C7D2C39-E6D8-488C-B9C6-45F90A7CD294", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension."}, {"lang": "es", "value": "En el software Arm que implementa los procesadores Armv8-M (todas las versiones), el mecanismo de selecci\u00f3n de pila podr\u00eda estar influenciado por un ataque de subdesbordamiento de pila en los procesadores basados ??en TrustZone v8-M. Un atacante puede causar un cambio en el puntero de pila usado por Secure World desde una aplicaci\u00f3n no segura si la pila no est\u00e1 inicializada. Esta vulnerabilidad afecta solo al software que se basa en procesadores Armv8-M con la Security Extension"}], "id": "CVE-2020-16273", "lastModified": "2024-11-21T05:07:04.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-12T19:15:14.583", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-191"}], "source": "nvd@nist.gov", "type": "Primary"}]}