CVE-2022-37459 - OpenCVE

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Amperecomputing	Ampere Altra Ampere Altra Firmware Ampere Altra Max Ampere Altra Max Firmware

Configuration 1 [-]

AND

cpe:2.3:o:amperecomputing:ampere_altra_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://amperecomputing.com/products/security-bulletins/retbleed.html
https://developer.arm.com/documentation/ka005138/1-0/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-17T12:49:21

Updated: 2024-08-03T10:29:21.026Z

Reserved: 2022-08-07T00:00:00

Link: CVE-2022-37459

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-17T13:15:08.433

Modified: 2022-08-18T19:29:43.743

Link: CVE-2022-37459

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a \"Retbleed\" issue."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-17T12:49:21", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://amperecomputing.com/products/security-bulletins/retbleed.html"}, {"tags": ["x_refsource_MISC"], "url": "https://developer.arm.com/documentation/ka005138/1-0/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-37459", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a \"Retbleed\" issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://amperecomputing.com/products/security-bulletins/retbleed.html", "refsource": "MISC", "url": "https://amperecomputing.com/products/security-bulletins/retbleed.html"}, {"name": "https://developer.arm.com/documentation/ka005138/1-0/", "refsource": "MISC", "url": "https://developer.arm.com/documentation/ka005138/1-0/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:29:21.026Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://amperecomputing.com/products/security-bulletins/retbleed.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://developer.arm.com/documentation/ka005138/1-0/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37459", "datePublished": "2022-08-17T12:49:21", "dateReserved": "2022-08-07T00:00:00", "dateUpdated": "2024-08-03T10:29:21.026Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amperecomputing:ampere_altra_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9389458-A2CF-46C8-A7B0-F2A0C594C8CA", "versionEndExcluding": "1.08g", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:*", "matchCriteriaId": "62F8E59F-D4A4-4C58-BE5E-C5C0B8E40D37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E590AD6B-DE99-424D-B0B0-6AE7FBFB0066", "versionEndExcluding": "2.05a", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B8623E0-29D4-4AF7-B538-995F4E871B32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a \"Retbleed\" issue."}, {"lang": "es", "value": "Los dispositivos Ampere Altra versiones anteriores a 1.08g y los dispositivos Ampere Altra Max versiones anteriores a 2.05a, permiten a atacantes controlar las predicciones de las direcciones de retorno y potencialmente secuestrar el flujo de c\u00f3digo para ejecutar c\u00f3digo arbitrario por medio de un ataque de canal lateral, tambi\u00e9n se conoce como problema \"Retbleed\"."}], "id": "CVE-2022-37459", "lastModified": "2022-08-18T19:29:43.743", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-17T13:15:08.433", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://amperecomputing.com/products/security-bulletins/retbleed.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://developer.arm.com/documentation/ka005138/1-0/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-203"}], "source": "nvd@nist.gov", "type": "Primary"}]}