CVE-2024-7883

NameCVE-2024-7883
DescriptionWhen using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state. This allows an attacker to read a limited quantity of Secure stack contents with an impact on confidentiality. This issue is specific to code generated using LLVM-based compilers.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
llvm-toolchain-14 (PTS)bookworm1:14.0.6-12vulnerable
sid1:14.0.6-20vulnerable
llvm-toolchain-15 (PTS)bookworm1:15.0.6-4vulnerable
trixie1:15.0.7-15vulnerable
llvm-toolchain-16 (PTS)buster, buster (lts)1:16.0.6-15~deb10u1vulnerable
bullseye1:16.0.6-15~deb11u2vulnerable
bookworm1:16.0.6-15~deb12u1vulnerable
llvm-toolchain-17 (PTS)sid, trixie1:17.0.6-18vulnerable
llvm-toolchain-18 (PTS)sid, trixie1:18.1.8-12vulnerable
llvm-toolchain-19 (PTS)trixie1:19.1.5-1vulnerable
sid1:19.1.6-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
llvm-toolchain-14source(unstable)(unfixed)
llvm-toolchain-15source(unstable)(unfixed)
llvm-toolchain-16sourcebuster(unfixed)end-of-life
llvm-toolchain-16source(unstable)(unfixed)
llvm-toolchain-17source(unstable)(unfixed)
llvm-toolchain-18source(unstable)(unfixed)
llvm-toolchain-19source(unstable)(unfixed)

Notes

[bookworm] - llvm-toolchain-14 <ignored> (Minor issue, doesn't affect the default build flags in Debian and no backport into release branches planned)
[bookworm] - llvm-toolchain-15 <ignored> (Minor issue, doesn't affect the default build flags in Debian and no backport into release branches planned)
[bookworm] - llvm-toolchain-16 <ignored> (Minor issue, doesn't affect the default build flags in Debian and no backport into release branches planned)
[bullseye] - llvm-toolchain-16 <ignored> (Minor issue, doesn't affect the default build flags in Debian and no backport into release branches planned)
https://developer.arm.com/Arm%20Security%20Center/Cortex-M%20Security%20Extensions%20Vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2322994
https://github.com/llvm/llvm-project/pull/114433

Search for package or bug name: Reporting problems