Ampere Computing Logo
Contact Sales
Ampere Computing Logo
Hero Image

Impact of Spectre BHB on Ampere

Bulletin ID: AMP-SB-0001

Potential Impact: Partial loss of protected data

Severity: Medium: CVSS score is 4.7

Summary

[CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N]

3/8/2022: Ampere investigated the potential impacts of the Spectre-BHB to Ampere products. The description of the vulnerability, published by the national vulnerability database (NVD) states:

CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.

Affected Product(s):

Ampere® Altra® and Ampere® Altra® Max

Recommendations

Ampere recommends that users of affected products update to the latest firmware version provided by the system manufacturer that addresses these issues. Ampere also recommends updating to the latest OS updates that that addresses these issues. Disable unprivileged Extended Berkeley Packet Filter (eBPF)

References:

Created At : December 26th 2022, 5:51:52 am
Last Updated At : December 29th 2022, 8:54:34 am
Ampere Logo

Ampere Computing

4655 Great America Parkway

Suite 601 Santa Clara, CA 95054

image
image
 |  |  |  |  |  | 
© 2022 Ampere Computing LLC. All rights reserved. Ampere, Altra and the A and Ampere logos are registered trademarks or trademarks of Ampere Computing.
This site is running on Ampere Altra Processors.