{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-5370","assignerOrgId":"63664ac6-956c-4cba-a5d0-f46076e16109","state":"PUBLISHED","assignerShortName":"freebsd","dateReserved":"2023-10-03T21:26:17.789Z","datePublished":"2023-10-04T03:59:45.199Z","dateUpdated":"2025-02-13T17:20:10.970Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unknown","modules":["arm64"],"product":"FreeBSD","vendor":"FreeBSD","versions":[{"lessThan":"p4","status":"affected","version":"13.2-RELEASE","versionType":"release"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0.</p>"}],"value":"On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-665","description":"CWE-665 Improper Initialization","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"63664ac6-956c-4cba-a5d0-f46076e16109","shortName":"freebsd","dateUpdated":"2023-11-24T09:06:43.272Z"},"references":[{"tags":["vendor-advisory"],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-23:14.smccc.asc"},{"url":"https://security.netapp.com/advisory/ntap-20231124-0005/"}],"source":{"discovery":"UNKNOWN"},"title":"arm64 boot CPUs may lack speculative execution protections","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T07:59:43.284Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-23:14.smccc.asc"},{"url":"https://security.netapp.com/advisory/ntap-20231124-0005/","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-19T19:39:59.332598Z","id":"CVE-2023-5370","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-19T19:40:47.640Z"}}]}}