Name | CVE-2024-7883 |
Description | When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state. This allows an attacker to read a limited quantity of Secure stack contents with an impact on confidentiality. This issue is specific to code generated using LLVM-based compilers. |

The table below lists information on source packages.

Source Package | Release | Version | Status |
---|---|---|---|
llvm-toolchain-14 (PTS) | bookworm | 1:14.0.6-12 | vulnerable |
llvm-toolchain-14 (PTS) | sid | 1:14.0.6-20 | vulnerable |
llvm-toolchain-15 (PTS) | bookworm | 1:15.0.6-4 | vulnerable |
llvm-toolchain-15 (PTS) | trixie | 1:15.0.7-15 | vulnerable |
llvm-toolchain-16 (PTS) | bullseye | 1:16.0.6-15~deb11u2 | vulnerable |
llvm-toolchain-16 (PTS) | bookworm | 1:16.0.6-15~deb12u1 | vulnerable |
llvm-toolchain-16 (PTS) | sid, trixie | 1:16.0.6-27 | vulnerable |
llvm-toolchain-17 (PTS) | sid, trixie | 1:17.0.6-18 | vulnerable |
llvm-toolchain-18 (PTS) | sid, trixie | 1:18.1.8-12 | vulnerable |

The information below is based on the following data on fixed versions.

Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
llvm-toolchain-14 | source | (unstable) | (unfixed) | | | |
llvm-toolchain-15 | source | (unstable) | (unfixed) | | | |
llvm-toolchain-16 | source | (unstable) | (unfixed) | | | |
llvm-toolchain-17 | source | (unstable) | (unfixed) | | | |
llvm-toolchain-18 | source | (unstable) | (unfixed) | | | |

https://developer.arm.com/Arm%20Security%20Center/Cortex-M%20Security%20Extensions%20Vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2322994