PT-2020-14861 · Arm · Armv8-M

Published: 2020-11-12 · Updated: 2020-12-01 · CVE-2020-16273

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Armv8-M processors (all versions)

Description: The stack selection mechanism in Arm software implementing the Armv8-M processors can be influenced by a stack-underflow attack in v8-M TrustZone-based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This issue affects only software based on Armv8-M processors with the Security Extension.

Recommendations: For Armv8-M processors (all versions), ensure proper initialization of the stack to prevent potential exploitation. As a temporary workaround, consider implementing additional checks to prevent stack-underflow attacks until a more comprehensive solution is available.

Fix

Integer Underflow


Weakness Enumeration

Related Identifiers

CVE-2020-16273

Affected Products

Armv8-M