Amperecomputing Ampere_altra

6 CVEs affecting Amperecomputing Ampere_altra. Latest disclosed: 2023-02-15. Critical: 2, High: 2.

Top CVEs affecting Amperecomputing Ampere_altra
CVESeverityScorePublishedSummary
CVE-2022-46892Critical9.82023-02-15In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.
CVE-2022-32295Critical9.82022-07-01On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor compon…
CVE-2022-37459High7.82022-08-17Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hij…
CVE-2021-45454High7.52022-08-17Ampere Altra before SRP 1.08b and Altra Max​ before SRP 2.05 allow information disclosure of power telemetry via HWmon.
CVE-2022-35888Medium6.52022-09-29Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret informatio…
CVE-2022-25368Medium4.72022-03-10Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the…