Company
Solutions
Developers
EN
EN
EnglishChinese
Ampere Computing Logo
Ampere Computing Logo
Solutions
Solutions Home
Systems
Solutions
Performance Overview
Reference Architecture Overview
Tuning Guides for Cloud Native Processing
Tutorials
Workload Briefs Overview
Where to Try
Ampere Systems
Ampere Altra
Azure
Equinix
Google Cloud
Hewlett Packard Enterprise
Oracle
Tencent Cloud
Ampere AIDownloadsHow It WorksFAQs
Developers
Developer CenterDesigning Cloud ApplicationsBuilding Cloud ApplicationsDeploying Cloud ApplicationsUsing Your DataWorking with Open SourceAmpere Ready SoftwareCommunity Forum
Support
Hero Image

Retbleed

Bulletin ID: AMP-SB-0004

Potential Impact: An attacker can control the predictions for return addresses and can potentially hijack code flow to execute arbitrary code.

Severity: CVSS score: 6.5 (Medium)

Summary

Who is Impacted

All users of Ampere® Altra® and Ampere® Altra® Max.

Potential Impact

An attacker can control the predictions for return addresses and can potentially hijack code flow to execute arbitrary code.

Severity

Medium CVSS score: 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Problem Statement and Impact

Retbleed is an attack that exploits the unprotected prediction of return instructions. The issue is similar to Spectre variant 2 but exploits some easily triggerable cases (for example, fallback on empty return stack) where predictions for return addresses can still be controlled by an attacker. The Ampere® Altra® family and AmpereOne (formerly known as “Siryn”) are impacted by the Retbleed attack. Existing hardware mitigations (FEAT_CSV2), recommended for Spectre v2 and Spectre-BHB, provide mitigations for attacks based on Retbleed.

Fixed in

Ampere® Altra® 1.08g Ampere® Altra® Max 2.05a

Affected Products

The Ampere® Altra® family and AmpereOne (formerly known as “Siryn”) are impacted by the Retbleed attack.

Recommendations

It is highly recommended to upgrade firmware to Ampere® Altra® SRP 1.08g/Ampere® Altra® Max SRP 2.05a or greater. Hardware mitigations (FEAT_CSV2), recommended for Spectre v2 and Spectre-BHB, provide mitigations for attacks based on Retbleed.

References

https://developer.arm.com/documentation/ka005138/1-0/?lang=en

Created At : December 26th 2022, 6:42:37 am
Last Updated At : December 29th 2022, 9:01:46 am

Ampere Computing

4655 Great America Parkway

Suite 601 Santa Clara, CA 95054

Tel: +1-669-770-3700

info[at]amperecomputing.com

About
image
image
image
image
© 2023 Ampere Computing LLC. All rights reserved. Ampere, Altra and the A and Ampere logos are registered trademarks or trademarks of Ampere Computing.