{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-7881","assignerOrgId":"56a131ea-b967-4a0d-a41e-5f3549952846","state":"PUBLISHED","assignerShortName":"Arm","dateReserved":"2024-08-16T13:57:21.218Z","datePublished":"2025-01-28T15:01:44.445Z","dateUpdated":"2025-11-18T13:14:02.578Z"},"containers":{"cna":{"affected":[{"defaultStatus":"affected","product":"Neoverse V2","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"affected","product":"Neoverse V3","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"affected","product":"Neoverse V3AE","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"affected","product":"Cortex-X3","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"affected","product":"Cortex-X4","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"affected","product":"Cortex-X925","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"C1-Pro","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"C1-Ultra","vendor":"Arm","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"C1-Premium","vendor":"Arm","versions":[{"status":"affected","version":"0"}]}],"datePublic":"2025-01-28T14:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"An unprivileged context can trigger a data\nmemory-dependent prefetch engine to fetch the contents of a privileged location\nand consume those contents as an address that is also dereferenced."}],"value":"An unprivileged context can trigger a data\nmemory-dependent prefetch engine to fetch the contents of a privileged location\nand consume those contents as an address that is also dereferenced."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1422","description":"CWE-1422: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"56a131ea-b967-4a0d-a41e-5f3549952846","shortName":"Arm","dateUpdated":"2025-11-18T13:14:02.578Z"},"references":[{"url":"https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.1,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","integrityImpact":"LOW","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-01-28T17:06:36.950614Z","id":"CVE-2024-7881","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-06T15:41:50.704Z"}}]}}