30 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, reappears in the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influence mispredict...
CVE-2025-62863
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...
EUVD-2025-203817
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...
EUVD-2025-203818
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...
CVE-2025-62864
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...
CVE-2025-62863
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...
CVE-2025-62863
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...
CVE-2025-62862
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...
PT-2025-51756
Name of the Vulnerable Software and Affected Versions AmpereOne AC03 versions prior to 3.5.9.3 AmpereOne AC04 versions prior to 4.4.5.2 AmpereOne M versions prior to 5.4.5.1 Description The software contains a flaw where an incorrectly formed System Management Call SMC to the UEFI-MM MMCommunicat...
Ampere Computing多款产品 安全漏洞
Ampere Computing AmpereOne AC03 and others are a processor chip from Ampere Computing, USA. A security vulnerability exists in various Ampere Computing products, which stems from an SMC call format error that could result in an out-of-bounds write to the PCIe driver S-EL0 address space. The...
Ampere多款产品 安全漏洞
Ampere Computing AmpereOne AC03 and others are a processor chip from Ampere Computing, USA. A security vulnerability exists in various Ampere products, which stems from an SMC call format error that could result in an out-of-bounds write to the UEFI-MM secure partitioning environment. The followi...
CVE-2025-62862
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...
CVE-2025-62862
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...
CVE-2025-62863
CVE-2025-62863 concerns AmpereOne processors (AC03 before 3.5.9.3, AC04 before 4.4.5.2, M before 5.4.5.1). The issue arises from an incorrectly formed System Management Call (SMC) to the UEFI-MM PCIe driver, which could enable an out-of-bounds write in the PCIe driver’s S-EL0 address space. Repor...
CVE-2025-62863
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...
CVE-2025-62864
AmpereOne hardware (AC03 before 3.5.9.3, AC04 before 4.4.5.2, M before 5.4.5.1) is affected by CVE-2025-62864 due to an incorrectly formed SMC call to the UEFI-MM MMCommunicate service, which could cause an out-of-bounds write within the UEFI-MM Secure Partition context. Red Hat and NVD entries a...
CVE-2025-62862
CVE-2025-62862 concerns AmpereOne AC03 (before 3.5.9.3), AC04 (before 4.4.5.2), and M (before 5.4.5.1). The root cause is an incorrectly formed SMC call to the UEFI-MM Boot Error Record Table driver, enabling (1) out-of-bounds reads that may leak Secure-EL0 information to Non-Secure state, or (2)...
EUVD-2023-43699
Malicious code in bioql PyPI...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
SUSE CVE-2023-3006
A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influenc...