CVE-2022-25368
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/03/2022
Last modified:
16/03/2022
Description
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.
Impact
Base Score 3.x
4.70
Severity 3.x
MEDIUM
Base Score 2.0
1.90
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amperecomputing:ampere_altra_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:arm:neoverse-e1_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arm:neoverse-e1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arm:neoverse-v1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:arm:cortex-a65_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arm:cortex-a65:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:arm:cortex-a65ae_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arm:cortex-a65ae:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page