Question 1

What is CWE-1421 — Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution?

Accepted Answer

A processor event may allow transient operations to access architecturally restricted data (for example, in another address space) in a shared microarchitectural structure (for example, a CPU cache), potentially exposing the data over a covert channel.

Question 2

What is the authoritative source for CWE-1421?

Accepted Answer

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution (CWE-1421) is catalogued in MITRE CWE and curated for EU compliance use cases by SQUR.

CWE-1421Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

Description

Common consequences· 1

Potential mitigations· 5

References

Related by meaning· 6