Question 1

What is CWE-1422 — Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution?

Accepted Answer

A processor event or prediction may allow incorrect or stale data to be forwarded to transient operations, potentially exposing data over a covert channel.

Question 2

What is the authoritative source for CWE-1422?

Accepted Answer

Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution (CWE-1422) is catalogued in MITRE CWE and curated for EU compliance use cases by SQUR.

CWE-1422Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution

Description

Common consequences· 1

Potential mitigations· 5

References

Related by meaning· 6