CVE-2024-5660

{"id": "CVE-2024-5660", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-12-10T14:30:47.963", "references": [{"url": "https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660", "tags": ["Vendor Advisory"], "source": "arm-security@arm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "arm-security@arm.com", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass of Stage-2 translation and/or GPT protection."}, {"lang": "es", "value": "El uso de agregaci\u00f3n de p\u00e1ginas de hardware (HPA) y traducci\u00f3n de etapa 1 y/o etapa 2 en A77, A78, A78C, A78AE, A710, V1, V2, V3, V3AE, X1, X1C, X2, X3, X4, N2, X925 y Travis puede permitir la omisi\u00f3n de la traducci\u00f3n de etapa 2 y/o la protecci\u00f3n GPT."}], "lastModified": "2026-01-05T14:44:15.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a710_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AF7E5CA-95FF-4242-BD6E-8BDC185DA095"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a710:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7CEEC509-2A56-48F1-B388-3A8660D58FB5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "155A0C39-4D0A-4264-B392-46002908939C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96AB8C81-F441-4563-B5E0-B738DF4D1C50"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDA3C472-D1E9-47B3-AFD0-BD274E3291F9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30BECA7-C45A-423D-9200-98D51BE9C84C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E376B2A-430D-4D1D-BC28-92CD7E1E8564"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78c_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0B159B3-65DD-4914-A4A4-EF342A3BAEB9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6194A1A7-A29D-4ECC-8D6D-02C17D49851E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D200C1F-1909-4952-824F-A2D279B9B37E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FC9F68C-7D65-4D29-AAA1-BA43228C6208"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x1c_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77394F8B-97DF-425C-923C-26C829ED5C14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x1c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62BE97A9-218A-498F-8F41-23F31DC9FF72"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B749251-B873-4E37-BB5C-1D4C021205D3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D7FB822-DD26-402E-A413-EF55B6C01D07"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E776B4A0-0642-489C-B03B-F6B9FFDFFD11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "979779A2-D556-4EF5-932D-F38009186B91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x4_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F8394E0-E173-41B5-B13D-6F45947D46E6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63E0897F-9D56-4835-8C12-B3758CF38F96"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x925_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF2C4EC2-711A-407A-A8F4-7E7134B4F06E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x925:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B1CE6CA3-E32E-4892-A7DB-D4A879956320"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B37176F-0AF4-4410-9C1F-4C5ED0051681"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D2F2936E-A611-472E-8EF0-F336A19DF578"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E32A1FF8-3A37-4D10-8DBB-3ECAA8A5F970"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C3F388EB-8A46-43E1-9AB1-5832FBB9262A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96E7E713-E11C-45CB-83E7-C21F57720A55"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7DF8B63B-C2E7-4C97-BA5C-79E2278F0C52"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0E84400-B02D-4B8D-9179-5428D38641CF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EFC574FE-7462-4E50-AE4A-5204C339C1F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v3ae_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0CDE1B2-393F-4D2A-B872-3317B26D06B3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v3ae:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66BD33A8-6D01-4A63-B81E-E974CDFAD04A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "arm-security@arm.com"}