CWE-1037

Nome

Processor Optimization Removal or Modification of Security-critical Code

Probabilità

Basso

Stato

Incomplete

Pubblicato

2018-03-29
00h00 +00:00

Modificato

2023-06-29
00h00 +00:00

Link ufficiali

CWE Mitre.org

Notifiche per un CWE specifico

Rimani informato su qualsiasi modifica relativa a un CWE specifico.

Gestione notifiche

Avvisi personalizzati

Attiva i tuoi avvisi personalizzati!

Per attivare i tuoi avvisi, è sufficiente essere connessi al proprio account gratuito. Se non hai ancora effettuato l'accesso, scegli una delle opzioni seguenti.

Accedi al tuo account Crea un account gratuito

Notifiche per un CWE specifico

Rimani informato su qualsiasi modifica relativa a un CWE specifico.

Parametri

È possibile specificare un titolo che verrà riportato negli avvisi inviati.

Specifica l'ID CWE che desideri monitorare.

Pianificazione

Mese

Calcolo della prossima esecuzione

Giorno

Giorno della settimana

Ora

Minuto

Data di creazione

Ultima esecuzione

Prossima esecuzione

Nome: Processor Optimization Removal or Modification of Security-critical Code

The developer builds a security-critical protection mechanism into the software, but the processor optimizes the execution of the program such that the mechanism is removed or modified.

General Informations

Modes Of Introduction

Architecture and Design : Optimizations built into the design of the processor can have unintended consequences during the execution of an application.

Piattaforme applicabili

Linguaggio

Class: Not Language-Specific (Rarely)

Tecnologie

Name: Processor Hardware (Undetermined)

Conseguenze comuni

Ambito	Impatto	Probabilità
Integrity	Bypass Protection Mechanism Note: A successful exploitation of this weakness will change the order of an application's execution and will likely be used to bypass specific protection mechanisms. This bypass can be exploited further to potentially read data that should otherwise be unaccessible.	High

Esempi osservati

Riferimenti	Descrizione
CVE-2017-5715	Intel, ARM, and AMD processor optimizations related to speculative execution and branch prediction cause access control checks to be bypassed when placing data into the cache. Often known as "Spectre".
CVE-2017-5753	Intel, ARM, and AMD processor optimizations related to speculative execution and branch prediction cause access control checks to be bypassed when placing data into the cache. Often known as "Spectre".
CVE-2017-5754	Intel processor optimizations related to speculative execution cause access control checks to be bypassed when placing data into the cache. Often known as "Meltdown".

Detection Methods

White Box

In theory this weakness can be detected through the use of white box testing techniques where specifically crafted test cases are used in conjunction with debuggers to verify the order of statements being executed.
Effectiveness : Opportunistic

Note sulla mappatura delle vulnerabilità

Giustificazione : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Commento : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Pattern di attacco correlati

CAPEC-ID	Nome del pattern di attacco
CAPEC-663	Exploitation of Transient Instruction Execution An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution to expose sensitive data and bypass/subvert access control over restricted resources. Typically, the adversary conducts a covert channel attack to target non-discarded microarchitectural changes caused by transient executions such as speculative execution, branch prediction, instruction pipelining, and/or out-of-order execution. The transient execution results in a series of instructions (gadgets) which construct covert channel and access/transfer the secret data.

Note

As of CWE 4.9, members of the CWE Hardware SIG are closely analyzing this entry and others to improve CWE's coverage of transient execution weaknesses, which include issues related to Spectre, Meltdown, and other attacks. Additional investigation may include other weaknesses related to microarchitectural state. As a result, this entry might change significantly in CWE 4.10.

Riferimenti

REF-11

Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom.
https://arxiv.org/abs/1801.01203

REF-12

Meltdown
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg.
https://arxiv.org/abs/1801.01207

Invio

Nome	Organizzazione	Data	Data di rilascio	Version
CWE Content Team	MITRE	2018-03-07 +00:00	2018-03-29 +00:00	3.1

Modifiche

Nome	Organizzazione	Data	Commento
CWE Content Team	MITRE	2020-02-24 +00:00	updated Relationships
CWE Content Team	MITRE	2020-06-25 +00:00	updated Relationships
CWE Content Team	MITRE	2021-03-15 +00:00	updated Related_Attack_Patterns
CWE Content Team	MITRE	2022-10-13 +00:00	updated Applicable_Platforms, Maintenance_Notes
CWE Content Team	MITRE	2023-04-27 +00:00	updated Relationships
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes

CWE-1037 Detail