Wind River Support Network

Not to be fixed

LIN1021-7571 : Security Advisory - linux - CVE-2023-52481

Created: Feb 29, 2024    Updated: Apr 5, 2024
Resolved Date: Apr 5, 2024
Found In Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel


In the Linux kernel, the following vulnerability has been resolved:

arm64: errata: Add Cortex-A520 speculative unprivileged load workaround

Implement the workaround for ARM Cortex-A520 erratum 2966298. On an
affected Cortex-A520 core, a speculatively executed unprivileged load
might leak data from a privileged load via a cache side channel. The
issue only exists for loads within a translation regime with the same
translation (e.g. same ASID and VMID). Therefore, the issue only affects
the return to EL0.

The workaround is to execute a TLBI before returning to EL0 after all
loads of privileged data. A non-shareable TLBI to any address is

The workaround isn't necessary if page table isolation (KPTI) is
enabled, but for simplicity it will be. Page table isolation should
normally be disabled for Cortex-A520 as it supports the CSV3 feature
and the E0PD feature (used when KASLR is enabled).

CREATE(Triage):(User=admin) CVE-2023-52481 (
Live chat