CVE-2024-7881

{"id": "CVE-2024-7881", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.5}]}, "published": "2025-01-28T15:15:12.847", "references": [{"url": "https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881", "tags": ["Vendor Advisory"], "source": "arm-security@arm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-203"}]}], "descriptions": [{"lang": "en", "value": "An unprivileged context can trigger a data\nmemory-dependent prefetch engine to fetch the contents of a privileged location\nand consume those contents as an address that is also dereferenced."}, {"lang": "es", "value": "Un contexto sin privilegios puede activar un motor de precarga dependiente de la memoria de datos para obtener el contenido de una ubicaci\u00f3n privilegiada y consumir ese contenido como una direcci\u00f3n que tambi\u00e9n est\u00e1 desreferenciada."}], "lastModified": "2025-12-18T15:36:35.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:c1-premium_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "697A11F4-9A13-4DC4-90AD-A2CB215D5BCF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:c1-premium:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C6B2962-3F19-46B9-A74A-521FF4ECC357"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:c1-pro_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81BDFB4D-C287-46F8-8523-E5C33639C78C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:c1-pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B682BB76-044E-416E-930E-19DDBB6DB940"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:c1-ultra_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46FBFC11-C12A-44A7-9EE0-504FFDEA7BC3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:c1-ultra:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "501E45AC-8E1E-4095-9771-04C739A864BB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E776B4A0-0642-489C-B03B-F6B9FFDFFD11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "979779A2-D556-4EF5-932D-F38009186B91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x4_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F8394E0-E173-41B5-B13D-6F45947D46E6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63E0897F-9D56-4835-8C12-B3758CF38F96"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x925_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF2C4EC2-711A-407A-A8F4-7E7134B4F06E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x925:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B1CE6CA3-E32E-4892-A7DB-D4A879956320"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96E7E713-E11C-45CB-83E7-C21F57720A55"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7DF8B63B-C2E7-4C97-BA5C-79E2278F0C52"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0E84400-B02D-4B8D-9179-5428D38641CF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EFC574FE-7462-4E50-AE4A-5204C339C1F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v3ae_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0CDE1B2-393F-4D2A-B872-3317B26D06B3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v3ae:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66BD33A8-6D01-4A63-B81E-E974CDFAD04A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "arm-security@arm.com"}