The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
History

Tue, 20 Aug 2024 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Alibaba
Alibaba t-head Xuantie C910
Alibaba t-head Xuantie C920
Weaknesses CWE-119
CWE-123
CPEs cpe:2.3:o:alibaba:t-head_xuantie_c910:*:*:*:*:*:*:*:*
cpe:2.3:o:alibaba:t-head_xuantie_c920:*:*:*:*:*:*:*:*
Vendors & Products Alibaba
Alibaba t-head Xuantie C910
Alibaba t-head Xuantie C920
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 19 Aug 2024 01:00:00 +0000

Type Values Removed Values Added
Description The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-20T19:45:07.970Z

Reserved: 2024-08-19T00:00:00

Link: CVE-2024-44067

cve-icon Vulnrichment

Updated: 2024-08-20T19:41:10.646Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-19T01:15:13.410

Modified: 2024-08-20T20:35:34.497

Link: CVE-2024-44067

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.