CVE Vulnerabilities

CVE-2023-31325

Improper Isolation of Shared Resources on System-on-a-Chip (SoC)

Published: Sep 06, 2025 | Modified: Sep 06, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.

Weakness

The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.

Extended Description

A System-On-a-Chip (SoC) has a lot of functionality, but it may have a limited number of pins or pads. A pin can only perform one function at a time. However, it can be configured to perform multiple different functions. This technique is called pin multiplexing. Similarly, several resources on the chip may be shared to multiplex and support different features or functions. When such resources are shared between trusted and untrusted agents, untrusted agents may be able to access the assets intended to be accessed only by the trusted agents.

Potential Mitigations

  • When sharing resources, avoid mixing agents of varying trust levels.
  • Untrusted agents should not share resources with trusted agents.

References