Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.
References
Link | Resource |
---|---|
https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-on-ampere.html | Vendor Advisory |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960 | Third Party Advisory VDB Entry |
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb | Patch Technical Description Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
Configuration 22 (hide)
AND |
|
History
16 Mar 2022, 03:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-x2:-:*:*:*:*:*:*:* cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a78c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:neoverse-e1:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a76ae_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a65ae_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a65ae:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a710:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:* cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amperecomputing:ampere_altra_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a65_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a76ae:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a15_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-x2_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a65:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a78c:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a710_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:neoverse-v1:-:*:*:*:*:*:*:* cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a15:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arm:neoverse-e1_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:* cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : 1.9
v3 : 4.7 |
First Time |
Arm cortex-a75 Firmware
Arm cortex-a72 Arm cortex-a710 Arm cortex-a77 Firmware Arm cortex-a57 Firmware Arm cortex-a65 Firmware Arm cortex-a65 Arm neoverse N1 Arm neoverse N2 Arm cortex-a78ae Firmware Amperecomputing ampere Altra Firmware Arm cortex-a710 Firmware Arm cortex-a76ae Firmware Arm cortex-a72 Firmware Amperecomputing ampere Altra Max Firmware Arm cortex-a76ae Amperecomputing ampere Altra Max Arm neoverse N2 Firmware Arm cortex-a78ae Arm cortex-a15 Firmware Arm cortex-x2 Arm neoverse-v1 Arm cortex-x2 Firmware Amperecomputing ampere Altra Arm cortex-a78 Arm neoverse-e1 Firmware Arm cortex-a78c Arm cortex-a73 Firmware Arm Arm cortex-a76 Firmware Arm cortex-x1 Amperecomputing Arm cortex-a65ae Arm cortex-a78c Firmware Arm cortex-a65ae Firmware Arm cortex-x1 Firmware Arm cortex-a15 Arm cortex-a75 Arm cortex-a57 Arm cortex-a76 Arm neoverse-e1 Arm cortex-a77 Arm neoverse N1 Firmware Arm neoverse-v1 Firmware Arm cortex-a78 Firmware Arm cortex-a73 |
|
References | (MISC) https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-on-ampere.html - Vendor Advisory | |
References | (CONFIRM) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960 - Third Party Advisory, VDB Entry | |
References | (MISC) https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb - Patch, Technical Description, Vendor Advisory |
10 Mar 2022, 17:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-10 17:47
Updated : 2023-12-10 14:22
NVD link : CVE-2022-25368
Mitre link : CVE-2022-25368
CVE.ORG link : CVE-2022-25368
JSON object : View
Products Affected
arm
- cortex-x1
- cortex-a78
- cortex-a57
- cortex-a710_firmware
- cortex-a78ae_firmware
- neoverse-e1
- cortex-a710
- neoverse_n2
- neoverse_n1_firmware
- cortex-a57_firmware
- cortex-a78c_firmware
- cortex-a76
- cortex-a75_firmware
- neoverse-e1_firmware
- cortex-a72_firmware
- cortex-a76ae_firmware
- cortex-x2_firmware
- cortex-a65ae
- neoverse-v1_firmware
- neoverse_n1
- cortex-a65
- cortex-a15
- cortex-a76ae
- cortex-a77
- cortex-a15_firmware
- neoverse_n2_firmware
- cortex-a65_firmware
- cortex-x2
- cortex-a78_firmware
- cortex-a75
- cortex-a72
- cortex-a73
- cortex-a73_firmware
- neoverse-v1
- cortex-a78c
- cortex-a78ae
- cortex-a77_firmware
- cortex-a65ae_firmware
- cortex-x1_firmware
- cortex-a76_firmware
amperecomputing
- ampere_altra_max_firmware
- ampere_altra_max
- ampere_altra_firmware
- ampere_altra
CWE