1. Home
  2. Weaknesses
  3. CWE-1342

CWE-1342: Information Exposure through Microarchitectural State after Transient Execution

ID CWE-1342
Abstraction Base
Structure Simple
Status Incomplete
Number of CVEs 2
Detail CAPEC Dashboard Vulnerabilities Web & Social
The processor does not properly clear microarchitectural state after incorrect microcode assists or speculative execution, resulting in transient execution.

In many processor architectures an exception, mis-speculation, or microcode assist results in a flush operation to clear results that are no longer required. This action prevents these results from influencing architectural state that is intended to be visible from software. However, traces of this transient execution may remain in microarchitectural buffers, resulting in a change in microarchitectural state that can expose sensitive information to an attacker using side-channel analysis. For example, Load Value Injection (LVI) [REF-1202] can exploit direct injection of erroneous values into intermediate load and store buffers.

Several conditions may need to be fulfilled for a successful attack:

  1. incorrect transient execution that results in remanence of sensitive information;
  2. attacker has the ability to provoke microarchitectural exceptions;
  3. operations and structures in victim code that can be exploited must be identified.

Modes of Introduction

Phase Note
Architecture and Design
Requirements

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific
Operating_system Not OS-Specific
Architecture Workstation
Architecture x86
Architecture ARM
Architecture Other
Technology Not Technology-Specific
Technology System on Chip

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-226 Sensitive Information in Resource Not Removed Before Reuse Base Simple Draft
CWE-1194 Hardware Design Draft CWE-226 Sensitive Information in Resource Not Removed Before Reuse Base Simple Draft

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
# ID Name Weaknesses
CAPEC-696 Load Value Injection CWE-1342

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date