1. Home
  2. Weaknesses
  3. CWE-1264

CWE-1264: Hardware Logic with Insecure De-Synchronization between Control and Data Channels

ID CWE-1264
Abstraction Base
Structure Simple
Status Incomplete
Number of CVEs 1
Detail CAPEC Dashboard Vulnerabilities Web & Social
The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.

Many high-performance on-chip bus protocols and processor data-paths employ separate channels for control and data to increase parallelism and maximize throughput. Bugs in the hardware logic that handle errors and security checks can make it possible for data to be forwarded before the completion of the security checks. If the data can propagate to a location in the hardware observable to an attacker, loss of data confidentiality can occur. 'Meltdown' is a concrete example of how de-synchronization between data and permissions checking logic can violate confidentiality requirements. Data loaded from a page marked as privileged was returned to the cpu regardless of current privilege level for performance reasons. The assumption was that the cpu could later remove all traces of this data during the handling of the illegal memory access exception, but this assumption was proven false as traces of the secret data were not removed from the microarchitectural state.

Modes of Introduction

Phase Note
Architecture and Design The weakness can be introduced in the data transfer or bus protocol itself or in the implementation.
Implementation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific
Operating_system Not OS-Specific
Architecture Not Architecture-Specific
Technology Not Technology-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-821 Incorrect Synchronization Base Simple Incomplete
CWE-1000 Research Concepts Draft CWE-1037 Processor Optimization Removal or Modification of Security-critical Code Base Simple Incomplete

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
# ID Name Weaknesses
CAPEC-233 Privilege Escalation CWE-1264
CAPEC-663 Exploitation of Transient Instruction Execution CWE-1264

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date