MEDIUM🇬🇧 English

CVE-2022-35888

CVSS 6.5v3.1pub. 2022-09-29upd. 2025-05-20

Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  • Amperecomputing Ampere Altra

    HW
    Amperecomputing
    wszystkie wersje
  • Amperecomputing Ampere Altra Firmware

    OS
    Amperecomputing
    ≤ 2022-07-15
  • Amperecomputing Ampere Altra Max

    HW
    Amperecomputing
    wszystkie wersje
  • Amperecomputing Ampere Altra Max Firmware

    OS
    Amperecomputing
    ≤ 2022-07-15
  • Amperecomputing Ampereone

    HW
    Amperecomputing
    wszystkie wersje
  • Amperecomputing Ampereone Firmware

    OS
    Amperecomputing
    ≤ 2022-07-15
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-46892CRITICAL9.8ten sam produkt

In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a dis...

CVE-2022-32295CRITICAL9.8ten sam produkt

On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insec...

CVE-2021-45454HIGH7.5ten sam produkt

Ampere Altra before SRP 1.08b and Altra Max​ before SRP 2.05 allow information disclosure of power telemetry v...

CVE-2022-37459HIGH7.8ten sam produkt

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the pre...

CVE-2022-25368MEDIUM4.7ten sam produkt

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the C...

CVE-2022-35888 — MEDIUM 6.5 | CVEbaza.pl