CVE-2022-23960
MEDIUMArm Cortex and Neoverse <2022-03-08 - Info Disclosure
Title source: llmDescription
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information.
References (5)
Scores
CVSS v3
5.6
EPSS
0.0014
EPSS Percentile
34.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Classification
Status
published
Affected Products (23)
xen/xen
arm/cortex-r7_firmware
arm/cortex-r8_firmware
arm/cortex-a57_firmware
arm/cortex-a65_firmware
arm/cortex-a65ae_firmware
arm/cortex-a710_firmware
arm/cortex-a72_firmware
arm/cortex-a73_firmware
arm/cortex-a75_firmware
arm/cortex-a76_firmware
arm/cortex-a76ae_firmware
arm/cortex-a77_firmware
arm/cortex-a78_firmware
arm/cortex-a78ae_firmware
... and 8 more
Timeline
Published
Mar 13, 2022
Tracked Since
Feb 18, 2026