CVE-2023-34320
Published: 08 December 2023
Summary
CVE-2023-34320 is a medium-severity Improper Locking (CWE-667) vulnerability in Arm Cortex-A77 Firmware. Its CVSS base score is 5.5 (Medium).
Operationally, ranked at the 28.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-38401
Vulnerability details
Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read…
more
of the Physical Address Register (PAR_EL1) in close proximity.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.