46 matches found
CVE-2023-3006
A known cache speculation vulnerability, the Branch History Injection BHI or Spectre-BHB, was found in new hw that are cores Cortex: A57, A72, A76, A77, A78, A78AE, A78C, A710, X1, X2; Neoverse: N1, N2, V1; Ampere1. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared...
CVE-2023-3006
A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influenc...
CVE-2023-3006
A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influenc...
CVE-2023-3006
CVE-2023-3006 describes a Spectre-BHB (Branch History Injection) cache-speculation vulnerability affecting AmpereOne hardware. Malicious code can use the CPU Branch History Buffer to influence mispredicted branches, triggering speculative execution that leads to cache allocation and potential inf...
PT-2022-6662 · Ampere +4 · Ampereone +4
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified AmpereOne hardware affected versions not specified Description: A known cache speculation issue, similar to Spectre v2, allows malicious code to influence mispredicted branches within a victim's hardware...
Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability
...
KB5017328: Windows 11 Security Update (September 2022)
The remote Windows host is missing security update 5017328. It is, therefore, affected by multiple vulnerabilities - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the...
Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-039)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-039 advisory. Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre variant 2. This is a known cross-domain transient execution attack where a thi...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2159)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege...
EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2022-2110)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalati...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2110)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1969)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enabl...
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2022-1934)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9274 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9273)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9273 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...
CVE-2022-23960
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...
CVE-2022-23960
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...
Design/Logic Flaw
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...
CVE-2022-23960
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...
CVE-2022-23960
CVE-2022-23960 affects Arm Cortex and Neoverse processors. It is a Spectre-BHB side-channel issue where shared branch history in the Branch History Buffer can influence mispredicted branches, enabling potential information disclosure through cache allocation. Documents note mitigations include de...