Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Amperecomputing Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45454 1 Amperecomputing 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more 2023-03-01 N/A 7.5 HIGH
Ampere Altra before SRP 1.08b and Altra Max? before SRP 2.05 allow information disclosure of power telemetry via HWmon.
CVE-2022-46892 1 Amperecomputing 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more 2023-02-24 N/A 9.8 CRITICAL
In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.
CVE-2022-35888 1 Amperecomputing 6 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 3 more 2022-10-03 N/A 6.5 MEDIUM
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system.
CVE-2022-37459 1 Amperecomputing 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more 2022-08-18 N/A 7.8 HIGH
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue.
CVE-2022-32295 1 Amperecomputing 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more 2022-07-21 7.5 HIGH 9.8 CRITICAL
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.
CVE-2022-25368 2 Amperecomputing, Arm 44 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 41 more 2022-03-15 1.9 LOW 4.7 MEDIUM
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.