CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-7881: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those...

Description

An unprivileged context can trigger a data
memory-dependent prefetch engine to fetch the contents of a privileged location
and consume those contents as an address that is also dereferenced.

Classification

CVE ID: CVE-2024-7881

Affected Products

Vendor: Arm

Product: Neoverse V2

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.77% (scored less or equal to compared to others)

EPSS Date: 2025-02-27 (when was this score calculated)

References

https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881

Timeline

2025-01-29 10:30:09 UTC
CVE

An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those...