Amperecomputing Ampere_altra
6 CVEs affecting Amperecomputing Ampere_altra. Latest disclosed: 2023-02-15. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-46892 | Critical | 9.8 | 2023-02-15 | In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex. |
CVE-2022-32295 | Critical | 9.8 | 2022-07-01 | On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor compon… |
CVE-2022-37459 | High | 7.8 | 2022-08-17 | Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hij… |
CVE-2021-45454 | High | 7.5 | 2022-08-17 | Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power telemetry via HWmon. |
CVE-2022-35888 | Medium | 6.5 | 2022-09-29 | Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret informatio… |
CVE-2022-25368 | Medium | 4.7 | 2022-03-10 | Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the… |