Description
When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state. This allows an attacker to read a limited quantity of Secure stack contents with an impact on confidentiality. This issue is specific to code generated using LLVM-based compilers.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 13 | | =1:17.0.6-22 || =1:17.0.6-23 | - |
debian 13 | | =1:18.1.8-18 || =1:18.1.8-20 | - |
debian 11 | | =1:19.1.0-1 || =1:19.1.0-2 || =1:19.1.0-3 || =1:19.1.0-3.1 || =1:19.1.0-4 || =1:19.1.0~++20240724103243+7af27be6633a-1~exp1 || =1:19.1.0~++rc2-1~exp1 || =1:19.1.0~++rc3-1 || =1:19.1.0~++rc3-1~exp1 || =1:19.1.0~++rc3-2 || =1:19.1.0~++rc4-1 || =1:19.1.0~++rc4-2 || =1:19.1.0~++rc4-3 || =1:19.1.0~++rc4-4 || =1:19.1.0~++rc4-5 || =1:19.1.1-1 || =1:19.1.1-1+powerpc || =1:19.1.2-1 || =1:19.1.2-1+hurd.1 || =1:19.1.2-1+hurd.2 || =1:19.1.2-1+powerpc || =1:19.1.2-1+powerpc.1 || =1:19.1.2-2 || =1:19.1.3-1 || =1:19.1.3-2 || =1:19.1.4-1 || =1:19.1.4-1~deb12u1 || =1:19.1.5-1 || =1:19.1.6-1 || =1:19.1.7-1 || =1:19.1.7-10 || =1:19.1.7-10.1 || =1:19.1.7-11 || =1:19.1.7-12 || =1:19.1.7-13 || =1:19.1.7-14 || =1:19.1.7-15 || =1:19.1.7-16 || =1:19.1.7-17 || =1:19.1.7-18 || =1:19.1.7-19 || =1:19.1.7-2 || =1:19.1.7-20 || =1:19.1.7-3 || =1:19.1.7-3+hurd.1 || =1:19.1.7-3~deb11u1 || =1:19.1.7-3~deb12u1 || =1:19.1.7-6 || =1:19.1.7-6+powerpc || =1:19.1.7-7 || =1:19.1.7-7+hurd.1 || =1:19.1.7-8 || =1:19.1.7-9 | - |
debian 12 | | =1:19.1.0-1 || =1:19.1.0-2 || =1:19.1.0-3 || =1:19.1.0-3.1 || =1:19.1.0-4 || =1:19.1.0~++20240724103243+7af27be6633a-1~exp1 || =1:19.1.0~++rc2-1~exp1 || =1:19.1.0~++rc3-1 || =1:19.1.0~++rc3-1~exp1 || =1:19.1.0~++rc3-2 || =1:19.1.0~++rc4-1 || =1:19.1.0~++rc4-2 || =1:19.1.0~++rc4-3 || =1:19.1.0~++rc4-4 || =1:19.1.0~++rc4-5 || =1:19.1.1-1 || =1:19.1.1-1+powerpc || =1:19.1.2-1 || =1:19.1.2-1+hurd.1 || =1:19.1.2-1+hurd.2 || =1:19.1.2-1+powerpc || =1:19.1.2-1+powerpc.1 || =1:19.1.2-2 || =1:19.1.3-1 || =1:19.1.3-2 || =1:19.1.4-1 || =1:19.1.4-1~deb12u1 || =1:19.1.5-1 || =1:19.1.6-1 || =1:19.1.7-1 || =1:19.1.7-10 || =1:19.1.7-10.1 || =1:19.1.7-11 || =1:19.1.7-12 || =1:19.1.7-13 || =1:19.1.7-14 || =1:19.1.7-15 || =1:19.1.7-16 || =1:19.1.7-17 || =1:19.1.7-18 || =1:19.1.7-19 || =1:19.1.7-2 || =1:19.1.7-20 || =1:19.1.7-3 || =1:19.1.7-3+hurd.1 || =1:19.1.7-3~deb11u1 || =1:19.1.7-3~deb12u1 || =1:19.1.7-6 || =1:19.1.7-6+powerpc || =1:19.1.7-7 || =1:19.1.7-7+hurd.1 || =1:19.1.7-8 || =1:19.1.7-9 | - |
debian 13 | | =1:19.1.7-10 || =1:19.1.7-10.1 || =1:19.1.7-11 || =1:19.1.7-12 || =1:19.1.7-13 || =1:19.1.7-14 || =1:19.1.7-15 || =1:19.1.7-16 || =1:19.1.7-17 || =1:19.1.7-18 || =1:19.1.7-19 || =1:19.1.7-20 || =1:19.1.7-3 || =1:19.1.7-3+hurd.1 || =1:19.1.7-6 || =1:19.1.7-6+powerpc || =1:19.1.7-7 || =1:19.1.7-7+hurd.1 || =1:19.1.7-8 || =1:19.1.7-9 | - |
debian 14 | | =1:19.1.7-10 || =1:19.1.7-10.1 || =1:19.1.7-11 || =1:19.1.7-12 || =1:19.1.7-13 || =1:19.1.7-14 || =1:19.1.7-15 || =1:19.1.7-3 || =1:19.1.7-3+hurd.1 || =1:19.1.7-6 || =1:19.1.7-6+powerpc || =1:19.1.7-7 || =1:19.1.7-7+hurd.1 || =1:19.1.7-8 || =1:19.1.7-9 || >=0 <1:19.1.7-16 | 1:19.1.7-16 |
debian 12 | | =1:14.0.6-12 || =1:14.0.6-12+powerpc || =1:14.0.6-13 || =1:14.0.6-14 || =1:14.0.6-16 || =1:14.0.6-16.1 || =1:14.0.6-16.1~exp1 || =1:14.0.6-17 || =1:14.0.6-18 || =1:14.0.6-19 || =1:14.0.6-20 | - |
debian 12 | | =1:15.0.6-4 || =1:15.0.6-5~exp1 || =1:15.0.6-5~exp2 || =1:15.0.6-5~exp3 || =1:15.0.7-1 || =1:15.0.7-1+hurd.1 || =1:15.0.7-10 || =1:15.0.7-10.1~exp1 || =1:15.0.7-11 || =1:15.0.7-11.1 || =1:15.0.7-12 || =1:15.0.7-13 || =1:15.0.7-14 || =1:15.0.7-15 || =1:15.0.7-15+hurd.1 || =1:15.0.7-2 || =1:15.0.7-3 || =1:15.0.7-4 || =1:15.0.7-5 || =1:15.0.7-5~exp1 || =1:15.0.7-6 || =1:15.0.7-7 || =1:15.0.7-8 || =1:15.0.7-9 | - |
debian 11 | | =1:16.0.0-1~exp1 || =1:16.0.0-1~exp2 || =1:16.0.0-1~exp3 || =1:16.0.0-1~exp4 || =1:16.0.0-1~exp5 || =1:16.0.0~+rc1-1~exp1 || =1:16.0.0~+rc2-1~exp1 || =1:16.0.0~+rc3-1~exp1 || =1:16.0.0~+rc4-1~exp1 || =1:16.0.1-1~exp1 || =1:16.0.1-1~exp2 || =1:16.0.2-1~exp1 || =1:16.0.3-1~exp1 || =1:16.0.4-1~exp1 || =1:16.0.5-1 || =1:16.0.5-1~exp1 || =1:16.0.6-1 || =1:16.0.6-10 || =1:16.0.6-11 || =1:16.0.6-12 || =1:16.0.6-13 || =1:16.0.6-14 || =1:16.0.6-15 || =1:16.0.6-15+x32 || =1:16.0.6-15exp1 || =1:16.0.6-15~deb11u1 || =1:16.0.6-15~deb11u2 || =1:16.0.6-15~deb12u1 || =1:16.0.6-16 || =1:16.0.6-17 || =1:16.0.6-17exp1 || =1:16.0.6-18 || =1:16.0.6-19 || =1:16.0.6-19.1~exp1 || =1:16.0.6-2 || =1:16.0.6-20 || =1:16.0.6-21 || =1:16.0.6-22 || =1:16.0.6-23 || =1:16.0.6-24 || =1:16.0.6-25 || =1:16.0.6-26 || =1:16.0.6-27 || =1:16.0.6-27+hurd.1 || =1:16.0.6-27+x32 || =1:16.0.6-3 || =1:16.0.6-4 || =1:16.0.6-5 || =1:16.0.6-6 || =1:16.0.6-7 || =1:16.0.6-8 || =1:16.0.6-9 | - |
debian 12 | | =1:16.0.0-1~exp1 || =1:16.0.0-1~exp2 || =1:16.0.0-1~exp3 || =1:16.0.0-1~exp4 || =1:16.0.0-1~exp5 || =1:16.0.0~+rc1-1~exp1 || =1:16.0.0~+rc2-1~exp1 || =1:16.0.0~+rc3-1~exp1 || =1:16.0.0~+rc4-1~exp1 || =1:16.0.1-1~exp1 || =1:16.0.1-1~exp2 || =1:16.0.2-1~exp1 || =1:16.0.3-1~exp1 || =1:16.0.4-1~exp1 || =1:16.0.5-1 || =1:16.0.5-1~exp1 || =1:16.0.6-1 || =1:16.0.6-10 || =1:16.0.6-11 || =1:16.0.6-12 || =1:16.0.6-13 || =1:16.0.6-14 || =1:16.0.6-15 || =1:16.0.6-15+x32 || =1:16.0.6-15exp1 || =1:16.0.6-15~deb11u1 || =1:16.0.6-15~deb11u2 || =1:16.0.6-15~deb12u1 || =1:16.0.6-16 || =1:16.0.6-17 || =1:16.0.6-17exp1 || =1:16.0.6-18 || =1:16.0.6-19 || =1:16.0.6-19.1~exp1 || =1:16.0.6-2 || =1:16.0.6-20 || =1:16.0.6-21 || =1:16.0.6-22 || =1:16.0.6-23 || =1:16.0.6-24 || =1:16.0.6-25 || =1:16.0.6-26 || =1:16.0.6-27 || =1:16.0.6-27+hurd.1 || =1:16.0.6-27+x32 || =1:16.0.6-3 || =1:16.0.6-4 || =1:16.0.6-5 || =1:16.0.6-6 || =1:16.0.6-7 || =1:16.0.6-8 || =1:16.0.6-9 | - |
