Versio.io

CVE-2022-25368

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 10-03-2022 06:47
Last modified: - 16-03-2022 04:40
Total changes: - 2

Description

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
High
Attack complexity
Local
Attack vector
None
Availability
High
Confidentiality
None
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
4.7
Base score
1.0
3.6
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=amperecomputing AND product=ampere_altra_max_firmware AND version=-
OR
vendor=amperecomputing AND product=ampere_altra_max AND version=-
AND
OR
vendor=amperecomputing AND product=ampere_altra_firmware AND version=-
OR
vendor=amperecomputing AND product=ampere_altra AND version=-
AND
OR
vendor=arm AND product=neoverse-e1_firmware AND version=-
OR
vendor=arm AND product=neoverse-e1 AND version=-
AND
OR
vendor=arm AND product=neoverse-v1_firmware AND version=-
OR
vendor=arm AND product=neoverse-v1 AND version=-
AND
OR
vendor=arm AND product=cortex-a57_firmware AND version=-
OR
vendor=arm AND product=cortex-a57 AND version=-
AND
OR
vendor=arm AND product=cortex-a65_firmware AND version=-
OR
vendor=arm AND product=cortex-a65 AND version=-
AND
OR
vendor=arm AND product=cortex-a65ae_firmware AND version=-
OR
vendor=arm AND product=cortex-a65ae AND version=-
AND
OR
vendor=arm AND product=cortex-a72_firmware AND version=-
OR
vendor=arm AND product=cortex-a72 AND version=-
AND
OR
vendor=arm AND product=cortex-a73_firmware AND version=-
OR
vendor=arm AND product=cortex-a73 AND version=-
AND
OR
vendor=arm AND product=cortex-a75_firmware AND version=-
OR
vendor=arm AND product=cortex-a75 AND version=-
AND
OR
vendor=arm AND product=cortex-a76_firmware AND version=-
OR
vendor=arm AND product=cortex-a76 AND version=-
AND
OR
vendor=arm AND product=cortex-a76ae_firmware AND version=-
OR
vendor=arm AND product=cortex-a76ae AND version=-
AND
OR
vendor=arm AND product=cortex-a77_firmware AND version=-
OR
vendor=arm AND product=cortex-a77 AND version=-
AND
OR
vendor=arm AND product=cortex-a78_firmware AND version=-
OR
vendor=arm AND product=cortex-a78 AND version=-
AND
OR
vendor=arm AND product=cortex-a78ae_firmware AND version=-
OR
vendor=arm AND product=cortex-a78ae AND version=-
AND
OR
vendor=arm AND product=cortex-a78c_firmware AND version=-
OR
vendor=arm AND product=cortex-a78c AND version=-
AND
OR
vendor=arm AND product=cortex-x1_firmware AND version=-
OR
vendor=arm AND product=cortex-x1 AND version=-
AND
OR
vendor=arm AND product=cortex-x2_firmware AND version=-
OR
vendor=arm AND product=cortex-x2 AND version=-
AND
OR
vendor=arm AND product=cortex-a710_firmware AND version=-
OR
vendor=arm AND product=cortex-a710 AND version=-
AND
OR
vendor=arm AND product=cortex-a15_firmware AND version=-
OR
vendor=arm AND product=cortex-a15 AND version=-
AND
OR
vendor=arm AND product=neoverse_n1_firmware AND version=-
OR
vendor=arm AND product=neoverse_n1 AND version=-
AND
OR
vendor=arm AND product=neoverse_n2_firmware AND version=-
OR
vendor=arm AND product=neoverse_n2 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-25368

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.