Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-48251

The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture."

Published

2023-01-10T07:15:09.647

Last Modified

2024-11-21T07:33:02.947

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-203

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	arm	cortex-a53_firmware	-	Yes
Hardware	arm	cortex-a53	-	No
Operating System	arm	cortex-a55_firmware	-	Yes
Hardware	arm	cortex-a55	-	No
Operating System	arm	cortex-a57_firmware	-	Yes
Hardware	arm	cortex-a57	-	No
Operating System	arm	cortex-a72_firmware	-	Yes
Hardware	arm	cortex-a72	-	No
Operating System	arm	cortex-a73_firmware	-	Yes
Hardware	arm	cortex-a73	-	No
Operating System	arm	cortex-a75_firmware	-	Yes
Hardware	arm	cortex-a75	-	No
Operating System	arm	cortex-a76_firmware	-	Yes
Hardware	arm	cortex-a76	-	No
Operating System	arm	cortex-a76ae_firmware	-	Yes
Hardware	arm	cortex-a76ae	-	No
Operating System	arm	cortex-a77_firmware	-	Yes
Hardware	arm	cortex-a77	-	No
Operating System	arm	cortex-a78_firmware	-	Yes
Hardware	arm	cortex-a78	-	No

References

https://eprint.iacr.org/2022/230 Technical Description, Third Party Advisory ([email protected])
https://eshard.com/posts/sca-attacks-on-armv8 Exploit, Third Party Advisory ([email protected])
https://eprint.iacr.org/2022/230 Technical Description, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://eshard.com/posts/sca-attacks-on-armv8 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)