Vulnerability Description
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amperecomputing | Ampere Altra Max Firmware | - |
| Amperecomputing | Ampere Altra Max | - |
| Amperecomputing | Ampere Altra Firmware | - |
| Amperecomputing | Ampere Altra | - |
| Arm | Neoverse-E1 Firmware | - |
| Arm | Neoverse-E1 | - |
| Arm | Neoverse-V1 Firmware | - |
| Arm | Neoverse-V1 | - |
| Arm | Cortex-A57 Firmware | - |
| Arm | Cortex-A57 | - |
| Arm | Cortex-A65 Firmware | - |
| Arm | Cortex-A65 | - |
| Arm | Cortex-A65Ae Firmware | - |
| Arm | Cortex-A65Ae | - |
| Arm | Cortex-A72 Firmware | - |
| Arm | Cortex-A72 | - |
| Arm | Cortex-A73 Firmware | - |
| Arm | Cortex-A73 | - |
| Arm | Cortex-A75 Firmware | - |
| Arm | Cortex-A75 | - |
References
- https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-onVendor Advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960Third Party AdvisoryVDB Entry
- https://developer.arm.com/support/arm-security-updates/speculative-processor-vulPatchTechnical DescriptionVendor Advisory
- https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-onVendor Advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960Third Party AdvisoryVDB Entry
- https://developer.arm.com/support/arm-security-updates/speculative-processor-vulPatchTechnical DescriptionVendor Advisory
FAQ
What is CVE-2022-25368?
CVE-2022-25368 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation c...
How severe is CVE-2022-25368?
CVE-2022-25368 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-25368?
Check the references section above for vendor advisories and patch information. Affected products include: Amperecomputing Ampere Altra Max Firmware, Amperecomputing Ampere Altra Max, Amperecomputing Ampere Altra Firmware, Amperecomputing Ampere Altra, Arm Neoverse-E1 Firmware.