CWE-1257
Improper Access Control Applied to Mirrored or Aliased Memory Regions
Incomplete
2020-02-24
00h00 +00:00
00h00 +00:00
2025-12-11
00h00 +00:00
00h00 +00:00
Notificações para um CWE
Fique informado sobre quaisquer alterações para um CWE específico.
Nome: Improper Access Control Applied to Mirrored or Aliased Memory Regions
Aliased or mirrored memory regions in hardware designs may have inconsistent read/write permissions enforced by the hardware. A possible result is that an untrusted agent is blocked from accessing a memory region but is not blocked from accessing the corresponding aliased memory region.
Informações Gerais
Modos de Introdução
Architecture and DesignImplementation
Plataformas Aplicáveis
Linguagem
Class: Not Language-Specific (Undetermined)Sistemas Operacionais
Class: Not OS-Specific (Undetermined)Arquiteturas
Class: Not Architecture-Specific (Undetermined)Tecnologias
Name: Memory Hardware (Undetermined)Name: Processor Hardware (Undetermined)
Name: Microcontroller Hardware (Undetermined)
Name: Network on Chip Hardware (Undetermined)
Class: System on Chip (Undetermined)
Consequências Comuns
| Escopo | Impacto | Probabilidade |
|---|---|---|
| Confidentiality | Read Memory | High |
| Integrity | Modify Memory | High |
| Availability | DoS: Instability | High |
Mitigações Potenciais
Phases : Architecture and Design // ImplementationThe checks should be applied for consistency access rights between primary memory regions and any mirrored or aliased memory regions. If different memory protection units (MPU) are protecting the aliased regions, their protected range definitions and policies should be synchronized.
Phases : Architecture and Design // Implementation
The controls that allow enabling memory aliases or changing the size of mapped memory regions should only be programmable by trusted software components.
Notas de Mapeamento de Vulnerabilidade
Justificativa : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comentário : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Padrões de Ataque Relacionados
| CAPEC-ID | Nome do Padrão de Ataque |
|---|---|
| CAPEC-456 | Infected Memory
An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain. |
| CAPEC-679 | Exploitation of Improperly Configured or Implemented Memory Protections
|
Submissão
| Nome | Organização | Data | Data de lançamento | Version |
|---|---|---|---|---|
| Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation | 4.1 |
Modificações
| Nome | Organização | Data | Comentário |
|---|---|---|---|
| CWE Content Team | MITRE | updated Demonstrative_Examples, Description, Modes_of_Introduction, Potential_Mitigations, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Potential_Mitigations | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Applicable_Platforms | |
| CWE Content Team | MITRE | updated Demonstrative_Examples | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities |
