CWE-1189 6 件の CVE MITRE の定義 ↗

CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC)

概要

CWE-1189(Improper Isolation of Shared Resources on System-on-a-Chip (SoC))は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

セキュリティへの影響
セキュリティ影響:製品や文脈に依存します。CVE 記録、深刻度、MITRE の説明を参照して優先度を判断してください。

説明

The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.

適用プラットフォーム

種別 名称 クラス 普遍性 OS / CPE
language Not Language-Specific Undetermined
technology System on Chip Undetermined

このデータベースの関連 CVE

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE 公開 概要
CVE-2025-54518 2026-05-15 Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resul…
CVE-2024-36332 2026-05-14 Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine (VM) to perform unauthorized access to specific victim range of GPU MMIO register space…
CVE-2025-54514 2026-02-10 Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
CVE-2023-31325 2025-09-06 Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentialit…
CVE-2023-49141 2024-08-14 Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-42667 2024-08-14 Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.

旧名称

  • Improper Isolation of Shared Resources on System-on-Chip (SoC) (2020-08-20)

コンテンツ投稿

名称
Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi
組織
Intel Corporation
日付
2019-10-15
バージョン
4.0

コンテンツの変更履歴

日付 名称 バージョン 重要度 コメント
2020-08-20 CWE Content Team 4.2 updated Common_Consequences, Description, Name, Potential_Mitigations, Related_Attack_Patterns, Relationships
2020-12-10 CWE Content Team 4.3 updated Relationships
2021-07-20 CWE Content Team 4.5 updated Demonstrative_Examples
2021-10-28 CWE Content Team 4.6 updated Description, Observed_Examples, References, Relationships, Weakness_Ordinalities
2022-10-13 CWE Content Team 4.9 updated Detection_Factors
2023-04-27 CWE Content Team 4.11 updated Observed_Examples, Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes, Relationships
2025-04-03 CWE Content Team 4.17 updated Demonstrative_Examples
2025-09-09 CWE Content Team 4.18 updated Relationships

貢献

タイプ 名称 日付 コメント
Content 2021-07-16 Provided Demonstrative Example for Hardware Root of Trust.
Content Hareesh Khattri 2021-10-22 provided observed example
Content Hareesh Khattri 2022-04-18 changed detection method
cvelogic Threat Intelligence