{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD11462B-20A3-4D99-B7B8-270AFAC16306", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B8623E0-29D4-4AF7-B538-995F4E871B32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amperecomputing:ampere_altra_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F0074CA-F557-4610-AB0F-A88C720AD661", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:*", "matchCriteriaId": "62F8E59F-D4A4-4C58-BE5E-C5C0B8E40D37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-e1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2543729C-69F9-47C8-B5E4-87156BFFF32F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-e1:-:*:*:*:*:*:*:*", "matchCriteriaId": "A639E025-B946-4A84-88B9-2E5E655711CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E32A1FF8-3A37-4D10-8DBB-3ECAA8A5F970", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse-v1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3F388EB-8A46-43E1-9AB1-5832FBB9262A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68D895EC-B0A9-4292-AC64-60673F72C765", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*", "matchCriteriaId": "B00CD88D-5649-403F-A55A-BD49427D30FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a65_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE23799E-5B88-4631-B3D8-04BDB6A0795E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a65:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEE41A45-7244-4A96-9A22-3BF57F9B7560", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a65ae_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "18E54F07-38EA-4CCC-8F59-855D9251F818", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a65ae:-:*:*:*:*:*:*:*", "matchCriteriaId": "5693AF9C-8E4A-4BFD-AE1C-073CB3B5053D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "38768B2B-F1A3-4A76-8716-9520CA075F3D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*", "matchCriteriaId": "16E23102-964E-485D-8EFF-4B1BBFE6EDE4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7173A6DC-4D4E-424C-A922-C16D67627834", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*", "matchCriteriaId": "33B1374D-59E8-4FE5-AC6C-0323AB1DD60D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A891447-2F1D-48B4-AA47-3CB7EA4FDC7C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C1DF922-1F46-41A6-A367-E56DD8C4163D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "08CC4E5E-2794-4893-9B45-E14A3F4CF159", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E4FCA77-71D3-495E-BA2A-2953369E5DCC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a76ae_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6022C19-3C39-439E-AE6E-2319D831CF99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a76ae:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B08A239-BFC8-41EA-8A48-69F8DD7FC221", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "155A0C39-4D0A-4264-B392-46002908939C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*", "matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "96AB8C81-F441-4563-B5E0-B738DF4D1C50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDA3C472-D1E9-47B3-AFD0-BD274E3291F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E30BECA7-C45A-423D-9200-98D51BE9C84C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E376B2A-430D-4D1D-BC28-92CD7E1E8564", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0B159B3-65DD-4914-A4A4-EF342A3BAEB9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78c:-:*:*:*:*:*:*:*", "matchCriteriaId": "6194A1A7-A29D-4ECC-8D6D-02C17D49851E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D200C1F-1909-4952-824F-A2D279B9B37E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FC9F68C-7D65-4D29-AAA1-BA43228C6208", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-x2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B749251-B873-4E37-BB5C-1D4C021205D3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-x2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D7FB822-DD26-402E-A413-EF55B6C01D07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a710_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2AF7E5CA-95FF-4242-BD6E-8BDC185DA095", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a710:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CEEC509-2A56-48F1-B388-3A8660D58FB5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a15_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "23EADA1F-73E8-4E70-AF90-CE8D26552687", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a15:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8FDE279-49C3-452A-B9B0-36199C221F95", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4164A584-6F0D-4154-8FED-DC044CDE1FE7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:*", "matchCriteriaId": "74C9E6FC-9C40-4105-9FB0-17013E1ABBB3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B37176F-0AF4-4410-9C1F-4C5ED0051681", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2F2936E-A611-472E-8EF0-F336A19DF578", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected."}, {"lang": "es", "value": "Spectre BHB es una variante de Spectre-v2 en la que el c\u00f3digo malicioso usa el historial de bifurcaciones compartido (almacenado en el BHB de la CPU) para influir en las bifurcaciones mal predichas en el contexto de hardware de la v\u00edctima. Una especulaci\u00f3n causada por estas ramas mal predichas puede entonces ser usada potencialmente para causar la asignaci\u00f3n de la cach\u00e9, la cual puede ser usada para inferir informaci\u00f3n que debe ser protegida"}], "id": "CVE-2022-25368", "lastModified": "2024-11-21T06:52:05.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-10T17:47:07.880", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-on-ampere.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960"}, {"source": "cve@mitre.org", "tags": ["Patch", "Technical Description", "Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-on-ampere.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Technical Description", "Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}
EUVD
MITRE
Vulnrichment
NVD
Redhat
OpenCVE Enrichment