CVE-2022-46892
- EPSS 0.22%
- Veröffentlicht 15.02.2023 17:15:12
- Zuletzt bearbeitet 19.03.2025 18:15:18
In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.
CVE-2022-35888
- EPSS 0.4%
- Veröffentlicht 29.09.2022 01:15:08
- Zuletzt bearbeitet 20.05.2025 20:15:22
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
CVE-2021-45454
- EPSS 0.35%
- Veröffentlicht 17.08.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:32:14
Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power telemetry via HWmon.
CVE-2022-37459
- EPSS 0.17%
- Veröffentlicht 17.08.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 07:15:01
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue.
CVE-2022-32295
- EPSS 0.62%
- Veröffentlicht 01.07.2022 00:15:08
- Zuletzt bearbeitet 21.11.2024 07:06:07
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.
CVE-2022-25368
- EPSS 0.27%
- Veröffentlicht 10.03.2022 17:47:07
- Zuletzt bearbeitet 21.11.2024 06:52:05
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then pote...