Hi, this website uses essential cookies to ensure its proper operation, analytical cookies to improve its functionality, and tracking cookies to understand how you interact with it. The non-essential cookies will be set only after consent.

Name

These cookies allow us and our third-party service providers to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us improve how our website works by, for example, ensuring that users can easily find what they need on our website. These cookies generate aggregate statistics that are not associated with an individualized profile.

Performance and Analytics cookies

Our website requires the use of these cookies to properly operate or provide necessary functions relating to the services you request. They include, for example, cookies enabling us to track your preferences and allow third party embed functionality.

Strictly necessary cookies

With up to 192 cores,  AmpereOne® is the next generation of Cloud Native Processors for sustainable compute.

AmpereOne® Product Brief

Processors

Partner Ecosystem

Product Security

Where to Try

Products

A Game-Changer for Efficient, Scalable Compute, and AI Workloads

AmpereOne®

Solutions Center

Artificial Intelligence

ARM Native Apps

Data Analytics

Edge and Embedded

Media Services

Storage

Web Services

Solutions

Video Recaps of Ampere’s 2024 Developer Summit

Blog

Developer Center

Design

Build

Deploy

Power Your AI

Working with Open Source

Ampere Ready Software

Community Forum

Subscribe to Newsletter

Developers

Customer Connect

Help

Support

ZEISS Demonstrates the Power of Scalable Workflows with Ampere® Altra® and SpinKube

Developer Story

Blogs

Case Studies

Events

Webinars

YouTube

Resource Library

Resources

Democratizing Scalable and Sustainable Compute

Engineering AI’s Future:

About Us

Leadership Team

Newsroom

Careers

Contact Us

Contact Sales

Company

## Platypus

**Bulletin ID:** AMP_SB_0003

**Potential Impact:** Loss of confidential information

**Severity:** Medium (CVSS 5.3)

### Who is Impacted
Multi-tenant operating environment running on Ampere® Altra®/Ampere® Altra® Max.

### Potential Impact
Potential Impact: Loss of confidential information

### Severity
Medium (CVSS 5.3)
This CVSS string is CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

### Problem Statement and Impact
Telemetry information made available through the Linux OS HWMon subsystem, which is used by the Ampere® Altra® HWmon driver, allows unprivileged SW access to telemetry. ​


The Linux kernel driver allows an authenticated user to obtain power telemetry information on Ampere® Altra® Family CPUs via HWmon, which can then potentially be exploited to reverse engineer confidential data of another tenant on the same system.​

### Fixed in
- SRP 1.08b or later for Ampere® Altra® [Ampere SRP 1.08b.20211015 Binary Package](https://amperecomputing.com/customer-connect/)
- SRP 2.05 or later for Ampere® Altra® Max [Ampere SRP aco2 r2.05.20211217 Binary Package](https://amperecomputing.com/customer-connect/)

### Affected Products

Ampere® Altra® and Ampere® Altra® Max.

### Recommendations

- SRP 1.08b or later for Ampere® Altra

- SRP 2.05 or later for Ampere® Altra® Max.

Telemetry information available through the Linux OS HWMon subsystem, used by the Ampere® Altra® HWmon driver, allows unprivileged SW access to telemetry. ​

Platypus

Ampere Computing Microprocessors for greater efficiency

Platypus

Summary

Who is Impacted

Potential Impact

Severity

Problem Statement and Impact

Fixed in

Affected Products

Recommendations