Hi, this website uses essential cookies to ensure its proper operation, analytical cookies to improve its functionality, and tracking cookies to understand how you interact with it. The non-essential cookies will be set only after consent.

Name

These cookies allow us and our third-party service providers to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us improve how our website works by, for example, ensuring that users can easily find what they need on our website. These cookies generate aggregate statistics that are not associated with an individualized profile.

Performance and Analytics cookies

Our website requires the use of these cookies to properly operate or provide necessary functions relating to the services you request. They include, for example, cookies enabling us to track your preferences and allow third party embed functionality.

Strictly necessary cookies

With up to 192 cores,  AmpereOne® is the next generation of Cloud Native Processors for sustainable compute.

AmpereOne® Product Brief

Processors

Partners

Product Security

Where to Buy

Where to Try

Products

We have created a new class of GPU-free AI inferencing that delivers the best price/performance for many AI models.

Ampere AI Solutions

Solutions Center

Artificial Intelligence

ARM Native Apps

Data Analytics

Edge and Embedded

Media Services

Storage

Web Services

Solutions

How FreeBSD Employs Ampere Arm64 Servers in the Data Center

Ampere in the Wild:

Developer Center

Design

Build

Deploy

Power Your AI

Working with Open Source

Ampere Ready Software

Community Forum

Subscribe to Newsletter

Developers

The Data Center Dilemma: Balancing Growth, Efficiency & Environmental Impact

Blog

Events

Webinars

Case Studies

Blogs

Ampere YouTube

Briefs

Tutorials

Tuning Guides

Resources

Sandy Dash Engineer on the Silicon Validation team

Meet the Team at Ampere:

About Us

Leadership Team

Newsroom

Careers

Contact Us

Contact Sales

Company

## Platypus

**Bulletin ID:** AMP_SB_0003

**Potential Impact:** Loss of confidential information

**Severity:** Medium (CVSS 5.3)

### Who is Impacted
Multi-tenant operating environment running on Ampere® Altra®/Ampere® Altra® Max.

### Potential Impact
Potential Impact: Loss of confidential information

### Severity
Medium (CVSS 5.3)
This CVSS string is CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

### Problem Statement and Impact
Telemetry information made available through the Linux OS HWMon subsystem, which is used by the Ampere® Altra® HWmon driver, allows unprivileged SW access to telemetry. ​


The Linux kernel driver allows an authenticated user to obtain power telemetry information on Ampere® Altra® Family CPUs via HWmon, which can then potentially be exploited to reverse engineer confidential data of another tenant on the same system.​

### Fixed in
- SRP 1.08b or later for Ampere® Altra® [Ampere SRP 1.08b.20211015 Binary Package](https://amperecomputing.com/customer-connect/)
- SRP 2.05 or later for Ampere® Altra® Max [Ampere SRP aco2 r2.05.20211217 Binary Package](https://amperecomputing.com/customer-connect/)

### Affected Products

Ampere® Altra® and Ampere® Altra® Max.

### Recommendations

- SRP 1.08b or later for Ampere® Altra

- SRP 2.05 or later for Ampere® Altra® Max.

Telemetry information available through the Linux OS HWMon subsystem, used by the Ampere® Altra® HWmon driver, allows unprivileged SW access to telemetry. ​

Platypus

Ampere Computing Microprocessors for greater efficiency

Platypus

Summary

Who is Impacted

Potential Impact

Severity

Problem Statement and Impact

Fixed in

Affected Products

Recommendations