Company
Solutions
Developers
EN
EN
EnglishChinese
Ampere Computing Logo
Ampere Computing Logo
Solutions
Solutions Home
Systems
Solutions
Performance Overview
Reference Architecture Overview
Tuning Guides for Cloud Native Processing
Tutorials
Workload Briefs Overview
Where to Try
Ampere Systems
Ampere Altra
Azure
Equinix
Google Cloud
Hewlett Packard Enterprise
Oracle
Tencent Cloud
Ampere AIDownloadsHow It WorksFAQs
Developers
Developer CenterDesigning Cloud ApplicationsBuilding Cloud ApplicationsDeploying Cloud ApplicationsUsing Your DataWorking with Open SourceAmpere Ready SoftwareCommunity Forum
Support
Hero Image

Impact of Spectre BHB on Ampere

Bulletin ID: AMP-SB-0001

Potential Impact: Partial loss of protected data

Severity: Medium: CVSS score is 4.7

Summary

[CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N]

3/8/2022: Ampere investigated the potential impacts of the Spectre-BHB to Ampere products. The description of the vulnerability, published by the national vulnerability database (NVD) states:

CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.

Affected Product(s):

Ampere® Altra® and Ampere® Altra® Max

Recommendations

Ampere recommends that users of affected products update to the latest firmware version provided by the system manufacturer that addresses these issues. Ampere also recommends updating to the latest OS updates that that addresses these issues. Disable unprivileged Extended Berkeley Packet Filter (eBPF)

References:

Created At : December 26th 2022, 5:37:05 am
Last Updated At : December 29th 2022, 8:54:26 am

Ampere Computing

4655 Great America Parkway

Suite 601 Santa Clara, CA 95054

Tel: +1-669-770-3700

info[at]amperecomputing.com

About
image
image
image
image
© 2023 Ampere Computing LLC. All rights reserved. Ampere, Altra and the A and Ampere logos are registered trademarks or trademarks of Ampere Computing.