CWE-1422: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution

BaseIncomplete

A processor event or prediction may allow incorrect or stale data to be forwarded to transient operations, potentially exposing data over a covert channel.

View on MITRE
Back to CWE Lookup

Extended Description

Software may use a variety of techniques to preserve the confidentiality of private data that is accessible within the current processor context. For example, the memory safety and type safety properties of some high-level programming languages help to prevent software written in those languages from exposing private data. As a second example, software sandboxes may co-locate multiple users' software within a single process. The processor's Instruction Set Architecture (ISA) may permit one user's software to access another user's data (because the software shares the same address space), but the sandbox prevents these accesses by using software techniques such as bounds checking. If incorrect or stale data can be forwarded (for example, from a cache) to transient operations, then the operations' microarchitectural side effects may correspond to the data. If an attacker can trigger these transient operations and observe their side effects through a covert channel, then the attacker may be able to infer the data. For example, an attacker process may induce transient execution in a victim process that causes the victim to inadvertently access and then expose its private data via a covert channel. In the software sandbox example, an attacker sandbox may induce transient execution in its own code, allowing it to transiently access and expose data in a victim sandbox that shares the same address space. Consequently, weaknesses that arise from incorrect/stale data forwarding might violate users' expectations of software-based memory safety and isolation techniques. If the data forwarding behavior is not properly documented by the hardware vendor, this might violate the software vendor's expectation of how the hardware should behave.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms
Not OS-Specific

Frequently Asked Questions

What is CWE-1422: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution?+

CWE-1422: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution is a Common Weakness Enumeration (CWE) entry maintained by MITRE. A processor event or prediction may allow incorrect or stale data to be forwarded to transient operations, potentially exposing data over a covert channel. Software may use a variety of techniques to preserve the confidentiality of private data that is accessible within the current processor context. For example, the memory safety and type safety properties of some high-level programming languages help to prevent software written in those languages from exposing private data. As a second example, software sandboxes may co-locate multiple users' software within a single process. The processor's Instruction Set Architecture (ISA) may permit one user's software to access another user's data (because the software shares the same address space), but the sandbox prevents these accesses by using software techniques such as bounds checking. If incorrect or stale data can be forwarded (for example, from a cache) to transient operations, then the operations' microarchitectural side effects may correspond to the data. If an attacker can trigger these transient operations and observe their side effects through a covert channel, then the attacker may be able to infer the data. For example, an attacker process may induce transient execution in a victim process that causes the victim to inadvertently access and then expose its private data via a covert channel. In the software sandbox example, an attacker sandbox may induce transient execution in its own code, allowing it to transiently access and expose data in a victim sandbox that shares the same address space. Consequently, weaknesses that arise from incorrect/stale data forwarding might violate users' expectations of software-based memory safety and isolation techniques. If the data forwarding behavior is not properly documented by the hardware vendor, this might violate the software vendor's expectation of how the hardware should behave.

What are the security consequences of Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution?+

If exploited, CWE-1422 (Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution) it can compromise Confidentiality, leading to outcomes such as Read Memory.

How do you prevent or mitigate Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution?+

Recommended mitigations for CWE-1422 include: The hardware designer can attempt to prevent transient execution from causing observable discrepancies in specific covert channels. Processor designers may expose instructions or other architectural features that allow software to mitigate the effects of transient execution, but without disabling predictors. These features may also help to limit opportunities for data exposure. Processor designers may expose registers (for example, control registers or model-specific registers) that allow privileged and/or user software to disable specific predictors or other hardware features that can cause confidential data to be exposed during transient execution.

How is Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution detected?+

CWE-1422 can be detected using Automated Static Analysis and Automated Analysis. Combining automated tooling with manual review typically yields the best coverage.

Which programming languages are affected by Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution?+

CWE-1422 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What are real-world examples of Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution?+

MITRE documents real CVEs mapped to CWE-1422, including CVE-2020-0551 and CVE-2020-8698. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1422 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More

CWE-1422: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution | CWE Lookup | InventiveHQ