Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity.
Weakness
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cortex-a77_firmware | Arm | r0p0 (including) | r0p0 (including) |
| Cortex-a77_firmware | Arm | r1p0 (including) | r1p0 (including) |
| Xen | Ubuntu | bionic | * |
| Xen | Ubuntu | focal | * |
| Xen | Ubuntu | lunar | * |
| Xen | Ubuntu | mantic | * |
| Xen | Ubuntu | oracular | * |
| Xen | Ubuntu | plucky | * |
| Xen | Ubuntu | trusty | * |
| Xen | Ubuntu | xenial | * |
Extended Description
Locking is a type of synchronization behavior that ensures that multiple independently-operating processes or threads do not interfere with each other when accessing the same resource. All processes/threads are expected to follow the same steps for locking. If these steps are not followed precisely - or if no locking is done at all - then another process/thread could modify the shared resource in a way that is not visible or predictable to the original process. This can lead to data or memory corruption, denial of service, etc.
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/25.html
- https://cwe.mitre.org/data/definitions/26.html
- https://cwe.mitre.org/data/definitions/27.html