Report Security Vulnerabilities
Arm takes security issues seriously and welcomes feedback from researchers and the security community in order to improve the security of its products and services.
Arm Security Bulletins
Arm publishes security bulletins when a vulnerability is found to affect an Arm product.
Arm Security Updates
Arm provides information about vulnerabilities which do not affect Arm products but are of interest to Arm partners.
Arm Security Articles
Arm provides analysis and comments on issues impacting the security of technology products. Explore our Arm Security Articles.
Arm GPU Security Update: Compression Side-Channel
https://www.hertzbleed.com/gpu.zip/ ... 1-1 ... This information is provided subject to the Arm Security Legal Notices and Disclaimer.
Arm GPU Security Update: GPU Initiated 'Rowhammer'
Version ... 1-1 ... Formatting Update
Cortex-M Security Extensions Security Bulletin: CVE-2024-7883
The Fixed Versions column indicates versions that do not generate code that is ... Toolchain Affected Versions ... 6.6 - 6.22 6.23 Arm Compiler for Embedded FuSa 6.16LTS ... 1-0
Arm CPU Security Bulletin: CVE-2021-35465
GNU compiler ... Target ... Armv8-M with the Main Extension ... Mitigation disabled Cortex-M33 ... Cortex-M35P Mitigation in library code Cortex-M55 Mitigation enabled
Arm CPU Security Update: Multiple Fault Injection attacks on TrustZone enabled Cortex-M based systems
If a system needs to have protection against fault injection attacks along with other ... While such attacks are outside the scope of many threat models (because they require ... Description
Arm CPU Security Bulletin: CVE-2024-7881
Enabling KPTI will help protect against this issue on systems which have not yet ... To facilitate this, Arm has updated the SMC Calling Convention spec so that ... Acknowledgements ... 1-0
Arm CPU Security Bulletin: CVE-2024-5660
Overview ... Acknowledgements This issue was identified by Arm. Version History ... Date Description 1-0 December 10, 2024 Initial release 1-1 December 16, 2024
Arm CPU Security Bulletin: CVE-2024-10929
Implementations running on both Trusted-Firmware-A and Linux are therefore already ... Arm has submitted a patch to the Linux Kernel that will protect Cortex-A72 prior to r1p0 ... Date ... 1-0
Arm CPU Security Update: Speculative Race Conditions
Arm would like to thank Hany Ragab and Cristiano Giuffrida from the VUSec group at VU ... March 14, 2025 Republished as 110364
Cortex-M Security Extensions Security Bulletin: CVE-2024-0151
Arm Compiler for Functional Safety 6.6 All versions The next Functional Safety Release with the fix is 6.22.1 (planned) Arm GNU toolchain / Arm GNU Embedded Toolchain ... Resources
Arm CPU Security Update: Prefetcher Side Channels
Under the updated definition of FEAT_CSV2 in section B2.2.3.11 of the Arm ... Recommendations ... Arm does not recommend any other action for normal workloads. ... References ... Description
Mali GPU Driver Security Bulletin: CVE-2024-6790 and CVE-2025-0015
Product Fixed versions Bifrost GPU Kernel Driver CVE-2024-6790: r49p1 Valhall GPU Kernel Driver CVE-2024-6790: r49p1 and r52p0 ... Version History Version Date
SCP-Firmware Security Bulletin: CVE-2024-11863 and CVE-2024-11864
Acknowledgements ... 1-0
SCP-Firmware Security Bulletin: CVE-2024-9413
Acknowledgements ... Re-published as ID 110356
Arm Software Security Bulletin: Log4j
2.15 ... Unaffected: All other versions. Arm Forge ... To remove any residual risk, either set environment variable ARM_DISABLE_ANALYTICS to ... Cycle Models ... DS-5 Development Studio
Arm CPU Security Update: Memory Tagging Extension
Resources Speculative Oracles on Memory Tagging Version History ... Date ... 1.0 December 19, 2023 Initial release 2-0 May 20, 2024 Updated description of MTE
Arm CPU Security Update: TLB-Based Side Channel Attack
References https://vusec.net/projects/slam Resources TLB Channels, SLAM-like Attacks, and Transient Translation of Non-Canonical Addresses Version History ... Date ... 1-0
Arm CPU Security Update: Training in Transient Execution Attacks
Version ... March 14, 2025
Arm CPU Security Update: Pointer Authentication
An alternative and better-performing sequence that avoids this limitation is: LDR X0, [X1] MOV X3, X0 XPAC X0 AUT X3 LDR X2, [X0] ... Warning ... References ... Date
Arm CPU Security Update: Software-based Power Side Channels
https://collidepower.com/ ... 1-1
Mali GPU Driver Security Bulletin: 2021-2023 Disclosures
n/a Title ... 7th November 2023 Affects Valhall GPU Kernel Driver: All versions from r29p0 - r42p0 Arm 5th Gen GPU Architecture Kernel Driver: All versions from r41p0 - r42p0
Mali GPU Driver Security Bulletin: 2024 Disclosures
Mali GPU Kernel Driver allows improper GPU memory processing operations ... Date of issue ... Affects ... Arm 5th Gen GPU Architecture Kernel Driver: All versions from r41p0 - r49p0 Impact
GCC AArch64 Security Bulletin: CVE-2023-4039
The modified stack layout is local to each function and is not expected to introduce ... The patches are: ... https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch- ...
Arm Software Security Bulletin: CVE-2022-43701, CVE-2022-43702, and CVE-2022-43703
Tool ... Affected: Releases prior to 6.6.5 ... Arm Compiler for Linux N/A ... Arm Development Studio / Arm DS Affected: All releases prior to 2024.1 Unaffected: 2024.1 and later
Arm CPU Security Bulletin: CVE-2020-13844
These were merged into several projects in late 2019 and early 2020, including ... Similar mitigations for ERET were already present in the /arch/arm64/ Linux kernel ... Date Description
Arm CPU Security Update: SRAM Aging Attacks
Resources ... 1-0 ... Re-published as ID110359
Arm Software Security Bulletin: CVE-2020-16273
Place the seal value after the stack in memory using scatter-loading Wrap a function that executes before main ... What is the impact on Trusted Firmware-M? ... Version History ... Date
Arm CPU Security Update: Timing Side Channel Attacks on TrustZone enabled Cortex-M based systems
Although this feature does not mitigate the specific attack referred to in this ... Acknowledgements ... References ... Version History ... Date Description 1-0 May 11, 2023
Arm CPU Security Update: Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels
https://arxiv.org/pdf/2005.05254 ... 1-0 ... 1-1 March 14, 2025 Republished as document 110392
Arm CPU Security Update: Power Consumption Side-Channels
Arm advises against providing power consumption telemetry to untrusted users. Users who are concerned about this style of attack are recommended to speak to their ... References ... 1-0
Arm CPU Security Update: Retpoline Return Instructions
These mitigations are the same as those for Spectre variant 2. References https://comsec.ethz.ch/research/microarch/retbleed/ Version History ... Date ... 1-0 July 13, 2022
Arm CPU Security Update: Power-Management Throttling Side-Channel
The benefit of these techniques is that the observable properties (e.g., power ... This significantly reduces the likelihood of a successful attack at the cost of ... Date Description
Arm CPU Security Bulletin: Spectre/Meltdown
Overview ... CVE Details ... Revision ... Variant 3 Variant 3a Variant 4 Spectre-BHB Cortex-A8 ... No ... Cortex-A9 All ... Yes ... Cortex-A12 ... Cortex-A15 ... Cortex-A17
Arm Compiler 5 Security Bulletin: CVE-2020-24658
Version History ... Date Description 1-0 December 24, 2020 Initial release ... January 30, 2025 Republished as Article ID 110262 ... March 6, 2025 Update Title
CVE-2024-0151: Supporting Information for Developers
This document provides additional detail to the Cortex-M Security Extensions (CMSE) Security Bulletin.
Speculative Oracles on Memory Tagging
Arm MTE is designed to be used as a debugging aid to find memory safety issues that may become exploitable security vulnerabilities.
Straight-line speculation whitepaper
This whitepaper documents the possibilities for a processor to speculatively execute the instructions immediately following what should be a change in control flow, and the mitigations recommended by Arm. This concept has been named Straight-line Speculation.
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels
Collide+Power is a new software-based power side-channel attack capable of leaking data from the CPU memory hierarchy.
Addressing Spectre Variant 1
This white paper provides a brief overview of the original Spectre Variant 1 attack and discusses some practical mitigation techniques that can be applied.
Cache Speculation Side channels v2.5
This whitepaper looks at the susceptibility of Arm implementations following research findings from security researchers, including Google and MIT, on new potential cache timing side-channels exploiting processor speculation.
TLB Channels, SLAM-like Attacks, and Transient Translation of Non-Canonical Addresses
Arm has been informed of a new paper presenting the SLAM attack, demonstrating how some architectural extensions can degrade security and increase the risk of some transient execution attacks.
INCEPTION: Speculative Branch Type Confusion and Transient Training
INCEPTION is a research paper that describes a new transient execution attack. This attack can bypass software Branch Target Injection (BTI) countermeasures in CPUs of another architecture.