CVE-2022-25368

Sažetak

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.

Reference

https://amperecomputing.com/products/security-bulletins/impact-of-spectre-bhb-on-ampere.html
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960

CVSS

Base:	1.9
Impact:	2.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

16-03-2022 - 03:40

Objavljeno

10-03-2022 - 17:47