Exécuter une analyse statique (SAST) sur le code source à la recherche du motif non sécurisé dans le flux de données.
CWE-1239 Variante Brouillon
Improper Zeroization of Hardware Register
This vulnerability occurs when a hardware component fails to properly erase sensitive data from its internal registers before a new user or process gains access to the hardware block.
Définition
What is CWE-1239?
This vulnerability occurs when a hardware component fails to properly erase sensitive data from its internal registers before a new user or process gains access to the hardware block.
Hardware blocks, like cryptographic accelerators, use built-in registers to temporarily hold data during operations. These registers can retain sensitive information such as encryption keys or passwords, which becomes a security risk if not cleared. When control of the hardware switches—for example, during a mode change or between different software processes—the next entity accessing the registers might be able to read the previous user's leftover data.
To prevent data leaks, hardware must actively clear its registers during user transitions or when a physical tamper event is detected. This clearing process, often called zeroization, is a critical security requirement in standards like FIPS-140-2 for ensuring that sensitive data isn't exposed unintentionally.
Impact réel
Real-world CVEs caused by CWE-1239
Aucune référence CVE publique n'est liée à ce CWE dans le catalogue MITRE pour le moment.
Comment les attaquants l'exploitent
Parcours de l'attaquant étape par étape
- 1
Suppose a hardware IP for implementing an encryption routine works as expected, but it leaves the intermediate results in some registers that can be accessed. Exactly why this access happens is immaterial - it might be unintentional or intentional, where the designer wanted a "quick fix" for something.
- 2
The example code below [REF-1379] is taken from the SHA256 Interface/wrapper controller module of the HACK@DAC'21 buggy OpenPiton SoC. Within the wrapper module there are a set of 16 memory-mapped registers referenced data[0] to data[15]. These registers are 32 bits in size and are used to store the data received on the AXI Lite interface for hashing. Once both the message to be hashed and a request to start the hash computation are received, the values of these registers will be forwarded to the underlying SHA256 module for processing. Once forwarded, the values in these registers no longer need to be retained. In fact, if not cleared or overwritten, these sensitive values can be read over the AXI Lite interface, potentially compromising any previously confidential data stored therein.
- 3
In the previous code snippet [REF-1379] there is the lack of a data clearance mechanism for the memory-mapped I/O registers after their utilization. These registers get cleared only when a reset condition is met. This condition is met when either the global negative-edge reset input signal (rst_ni) or the dedicated reset input signal for SHA256 peripheral (rst_3) is active. In other words, if either of these reset signals is true, the registers will be cleared. However, in cases where there is not a reset condition these registers retain their values until the next hash operation. It is during the time between an old hash operation and a new hash operation that that data is open to unauthorized disclosure.
- 4
To correct the issue of data persisting between hash operations, the memory mapped I/O registers need to be cleared once the values written in these registers are propagated to the SHA256 module. This could be done for example by adding a new condition to zeroize the memory mapped I/O registers once the hash value is computed, i.e., hashValid signal asserted, as shown in the good code example below [REF-1380]. This fix will clear the memory-mapped I/O registers after the data has been provided as input to the SHA engine.
Exemple de code vulnérable
Vulnerable Verilog
The example code below [REF-1379] is taken from the SHA256 Interface/wrapper controller module of the HACK@DAC'21 buggy OpenPiton SoC. Within the wrapper module there are a set of 16 memory-mapped registers referenced data[0] to data[15]. These registers are 32 bits in size and are used to store the data received on the AXI Lite interface for hashing. Once both the message to be hashed and a request to start the hash computation are received, the values of these registers will be forwarded to the underlying SHA256 module for processing. Once forwarded, the values in these registers no longer need to be retained. In fact, if not cleared or overwritten, these sensitive values can be read over the AXI Lite interface, potentially compromising any previously confidential data stored therein.
...
```
// Implement SHA256 I/O memory map interface
// Write side
always @(posedge clk_i)
begin
if(~(rst_ni && ~rst_3))
begin
startHash <= 0;
newMessage <= 0;
data[0] <= 0;
data[1] <= 0;
data[2] <= 0;
...
data[14] <= 0;
data[15] <= 0;
... Exemple de code sécurisé
Secure Verilog
To correct the issue of data persisting between hash operations, the memory mapped I/O registers need to be cleared once the values written in these registers are propagated to the SHA256 module. This could be done for example by adding a new condition to zeroize the memory mapped I/O registers once the hash value is computed, i.e., hashValid signal asserted, as shown in the good code example below [REF-1380]. This fix will clear the memory-mapped I/O registers after the data has been provided as input to the SHA engine.
...
```
// Implement SHA256 I/O memory map interface
// Write side
always @(posedge clk_i)
begin
if(~(rst_ni && ~rst_3))
begin
startHash <= 0;
newMessage <= 0;
data[0] <= 0;
data[1] <= 0;
data[2] <= 0;
...
data[14] <= 0;
data[15] <= 0;
end
```
else if(hashValid && ~hashValid_r)**
```
```
begin**
```
```
data[0] <= 0;**
**data[1] <= 0;**
**data[2] <= 0;**
**...**
**data[14] <= 0;**
**data[15] <= 0;**
end
... What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Liste de contrôle de prévention
How to prevent CWE-1239
- Architecture and Design Every register potentially containing sensitive information must have a policy specifying how and when information is cleared, in addition to clarifying if it is the responsibility of the hardware logic or IP user to initiate the zeroization procedure at the appropriate time.
Signaux de détection
How to detect CWE-1239
Exécuter des tests de sécurité applicative dynamique (DAST) contre le point de terminaison en ligne.
Surveiller les journaux runtime pour détecter des traces d'exception inhabituelles, des entrées malformées ou des tentatives de contournement d'autorisation.
Revue de code : signaler tout nouveau code qui traite les entrées de cette surface sans utiliser les helpers du framework validés.
Plexicus détecte automatiquement CWE-1239 et ouvre une PR de correction en moins de 60 secondes.
Codex Remedium analyse chaque commit, identifie cette faiblesse précise et livre une pull request prête à être relue avec le correctif. Pas de tickets. Pas de transferts.
Questions fréquentes Qu'est-ce que CWE-1239 ?
Quelle est la gravité de CWE-1239 ?
Quels langages ou plateformes sont affectés par CWE-1239 ?
Comment puis-je prévenir CWE-1239 ?
Comment Plexicus détecte et corrige CWE-1239 ?
Où puis-je en savoir plus sur CWE-1239 ?
Frequently asked questions
Qu'est-ce que CWE-1239 ?
This vulnerability occurs when a hardware component fails to properly erase sensitive data from its internal registers before a new user or process gains access to the hardware block.
Quelle est la gravité de CWE-1239 ?
MITRE n'a pas publié de note de probabilité d'exploitation pour cette faiblesse. Traitez-la comme un impact moyen jusqu'à ce que votre modèle de menace prouve le contraire.
Quels langages ou plateformes sont affectés par CWE-1239 ?
MITRE lists the following affected platforms: Not OS-Specific, Not Architecture-Specific, System on Chip.
Comment puis-je prévenir CWE-1239 ?
Every register potentially containing sensitive information must have a policy specifying how and when information is cleared, in addition to clarifying if it is the responsibility of the hardware logic or IP user to initiate the zeroization procedure at the appropriate time.
Comment Plexicus détecte et corrige CWE-1239 ?
Le moteur SAST de Plexicus reconnaît la signature de flux de données de CWE-1239 à chaque commit. Lorsqu'une correspondance est trouvée, notre agent Codex Remedium ouvre une PR de correction avec le code corrigé, les tests et un résumé d'une ligne pour le relecteur.
Où puis-je en savoir plus sur CWE-1239 ?
MITRE publie la définition canonique à https://cwe.mitre.org/data/definitions/1239.html. Vous pouvez également consulter la documentation OWASP et NIST pour des conseils adjacents.
Faiblesses associées
Weaknesses related to CWE-1239
CWE-226 Parent
Sensitive Information in Resource Not Removed Before Reuse
This vulnerability occurs when a system releases a resource like memory or a file for reuse but fails to erase the sensitive data it…
CWE-1272 Frère
Sensitive Information Uncleared Before Debug/Power State Transition
This vulnerability occurs when a device changes its power mode or enters a debug state but fails to wipe sensitive data that should become…
CWE-1301 Frère
Insufficient or Incomplete Data Removal within Hardware Component
The product's data removal process fails to completely erase all data from hardware components, potentially leaving sensitive information…
CWE-1342 Frère
Information Exposure through Microarchitectural State after Transient Execution
This vulnerability occurs when a CPU fails to completely erase temporary data traces left behind by speculative execution or error…
CWE-244 Frère
Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Using realloc() to resize buffers containing secrets like passwords or keys can leave that sensitive data exposed in memory, as the…
Ressources
Further reading
- MITRE — CWE-1239 officiel https://cwe.mitre.org/data/definitions/1239.html
- FIPS PUB 140-2: SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES https://csrc.nist.gov/files/pubs/fips/140-2/upd2/final/docs/fips1402.pdf
- Data Remanence in Semiconductor Devices https://www.usenix.org/legacy/events/sec01/full_papers/gutmann/gutmann.pdf
- sha256_wrapper.sv https://github.com/HACK-EVENT/hackatdac21/blob/b9ecdf6068445d76d6bee692d163fededf7a9d9b/piton/design/chip/tile/ariane/src/sha256/sha256_wrapper.sv#L94-L116
- Fix for sha256_wrapper.sv https://github.com/HACK-EVENT/hackatdac21/blob/e8ba396b5c7cec9031e0e0e18ac547f32cd0ed50/piton/design/chip/tile/ariane/src/sha256/sha256_wrapper.sv#L98C1-L139C18
Prêt quand vous l'êtes
Arrêtez de payer par développeur.
Commencez à fermer la boucle.
Plexicus est l'ASPM natif IA qui scanne, filtre, corrige, penteste et explique — de façon autonome. Développeurs illimités, dépôts illimités, actions IA à usage équitable. Vrai niveau gratuit, €269/mo annuel quand vous êtes prêt.