CWE-1298: Hardware Logic Contains Race Conditions

Description

A race condition in the hardware logic undermines the security guarantees of the system.

Submission Date: Feb. 10, 2020, midnight

Modification Date: 2023-06-29 00:00:00+00:00

Organization: Intel Corporation

Extended Description

A race condition in logic circuits typically occurs when a logic gate gets inputs from signals that have traversed different paths while originating from the same source. Such inputs to the gate can change at slightly different times in response to a change in the source signal. This results in a timing error or a glitch (temporary or permanent) that causes the output to change to an unwanted state before settling back to the desired state. If such timing errors occur in access control logic or finite state machines that are implemented in security sensitive flows, an attacker might exploit them to circumvent existing protections.

Example Vulnerable Code

Example - 1

The code below shows a 2x1 multiplexor using logic gates. Though the code shown below results in the minimum gate solution, it is disjoint and causes glitches.

// 2x1 Multiplexor using logic-gates
module glitchEx(
  input wire in0, in1, sel,
  output wire z
);

wire not_sel;
wire and_out1, and_out2;

assign not_sel = ~sel;
assign and_out1 = not_sel & in0;
assign and_out2 = sel & in1;

// Buggy line of code:
assign z = and_out1 | and_out2; // glitch in signal z

endmodule

The buggy line of code, commented above, results in signal 'z' periodically changing to an unwanted state. Thus, any logic that references signal 'z' may access it at a time when it is in this unwanted state. This line should be replaced with the line shown below in the Good Code Snippet, which results in signal 'z' remaining in a continuous, known state. A reference for the above code, along with waveforms for simulation, can be found in the references below.

assign z = and_out1 | and_out2 | (in0 & in1);

This line of code removes the glitch in signal z.
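
The glitch becomes visible in simulation once each gate is given a propagation delay. The testbench below is an added example, not part of the original CWE entry; the module names, the COVER parameter and the delay values are assumptions, chosen so that the inverted path from sel is slower than the direct path.

```verilog
// Added example: 2x1 mux with constructed per-gate delays (assumed values).
// COVER=0: z = and_out1 | and_out2               (buggy form from the page)
// COVER=1: z = and_out1 | and_out2 | (in0 & in1) (fixed form from the page)
module mux_delayed #(parameter COVER = 0) (
  input  wire in0, in1, sel,
  output wire z
);
  wire not_sel, and_out1, and_out2, cover;
  assign #2 not_sel  = ~sel;              // slower path from sel
  assign #1 and_out1 = not_sel & in0;
  assign #1 and_out2 = sel & in1;         // faster path from sel
  assign #1 cover    = COVER ? (in0 & in1) : 1'b0;
  assign #1 z        = and_out1 | and_out2 | cover;
endmodule

module tb;
  reg in0 = 1'b1, in1 = 1'b1, sel = 1'b1;
  reg armed = 1'b0;
  wire z_buggy, z_fixed;
  integer glitches_buggy = 0, glitches_fixed = 0;

  mux_delayed #(.COVER(0)) u_buggy (.in0(in0), .in1(in1), .sel(sel), .z(z_buggy));
  mux_delayed #(.COVER(1)) u_fixed (.in0(in0), .in1(in1), .sel(sel), .z(z_fixed));

  // With in0 = in1 = 1 a correct mux output stays 1 whatever sel does,
  // so any other value seen on z after settling is a glitch.
  always @(z_buggy) if (armed && z_buggy !== 1'b1) begin
    glitches_buggy = glitches_buggy + 1;
    $display("t=%0d z_buggy dropped to %b", $time, z_buggy);
  end
  always @(z_fixed) if (armed && z_fixed !== 1'b1)
    glitches_fixed = glitches_fixed + 1;

  initial begin
    #10 armed = 1'b1;   // ignore the initial X-to-known settling
    #10 sel = 1'b0;     // and_out2 falls before and_out1 rises
    #10 sel = 1'b1;     // and_out2 rises before and_out1 falls
    #10 $display("glitches: buggy=%0d fixed=%0d", glitches_buggy, glitches_fixed);
    $finish;
  end
endmodule
```

On the falling edge of sel both AND outputs are low for the extra inverter delay, so only the redundant (in0 & in1) term holds z high during that window.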

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.