CVE-2022-25368
Published Mar 10, 2022
Last updated 3 years ago
Overview
- Description
- Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.7
- Impact score
- 3.6
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD11462B-20A3-4D99-B7B8-270AFAC16306"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5B8623E0-29D4-4AF7-B538-995F4E871B32"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amperecomputing:ampere_altra_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F0074CA-F557-4610-AB0F-A88C720AD661"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "62F8E59F-D4A4-4C58-BE5E-C5C0B8E40D37"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:neoverse-e1_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2543729C-69F9-47C8-B5E4-87156BFFF32F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:neoverse-e1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A639E025-B946-4A84-88B9-2E5E655711CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E32A1FF8-3A37-4D10-8DBB-3ECAA8A5F970"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:neoverse-v1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C3F388EB-8A46-43E1-9AB1-5832FBB9262A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68D895EC-B0A9-4292-AC64-60673F72C765"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B00CD88D-5649-403F-A55A-BD49427D30FA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a65_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE23799E-5B88-4631-B3D8-04BDB6A0795E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a65:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AEE41A45-7244-4A96-9A22-3BF57F9B7560"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a65ae_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18E54F07-38EA-4CCC-8F59-855D9251F818"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a65ae:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5693AF9C-8E4A-4BFD-AE1C-073CB3B5053D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38768B2B-F1A3-4A76-8716-9520CA075F3D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "16E23102-964E-485D-8EFF-4B1BBFE6EDE4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7173A6DC-4D4E-424C-A922-C16D67627834"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "33B1374D-59E8-4FE5-AC6C-0323AB1DD60D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A891447-2F1D-48B4-AA47-3CB7EA4FDC7C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7C1DF922-1F46-41A6-A367-E56DD8C4163D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08CC4E5E-2794-4893-9B45-E14A3F4CF159"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9E4FCA77-71D3-495E-BA2A-2953369E5DCC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a76ae_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6022C19-3C39-439E-AE6E-2319D831CF99"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a76ae:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9B08A239-BFC8-41EA-8A48-69F8DD7FC221"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "155A0C39-4D0A-4264-B392-46002908939C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96AB8C81-F441-4563-B5E0-B738DF4D1C50"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DDA3C472-D1E9-47B3-AFD0-BD274E3291F9"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E30BECA7-C45A-423D-9200-98D51BE9C84C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9E376B2A-430D-4D1D-BC28-92CD7E1E8564"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a78c_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0B159B3-65DD-4914-A4A4-EF342A3BAEB9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a78c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6194A1A7-A29D-4ECC-8D6D-02C17D49851E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D200C1F-1909-4952-824F-A2D279B9B37E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2FC9F68C-7D65-4D29-AAA1-BA43228C6208"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-x2_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B749251-B873-4E37-BB5C-1D4C021205D3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-x2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5D7FB822-DD26-402E-A413-EF55B6C01D07"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a710_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AF7E5CA-95FF-4242-BD6E-8BDC185DA095"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a710:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7CEEC509-2A56-48F1-B388-3A8660D58FB5"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a15_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23EADA1F-73E8-4E70-AF90-CE8D26552687"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a15:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8FDE279-49C3-452A-B9B0-36199C221F95"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4164A584-6F0D-4154-8FED-DC044CDE1FE7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "74C9E6FC-9C40-4105-9FB0-17013E1ABBB3"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B37176F-0AF4-4410-9C1F-4C5ED0051681"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D2F2936E-A611-472E-8EF0-F336A19DF578"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]