CVE-2022-25368
Published: 10 March 2022
Summary
CVE-2022-25368 is a medium-severity an unspecified weakness vulnerability in Amperecomputing Ampere Altra Max Firmware. Its CVSS base score is 4.7 (Medium).
Operationally, ranked in the top 49.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-30039
Vulnerability details
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be…
more
used to cause cache allocation, which can then be used to infer information that should be protected.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.