CVE-2023-3006

MEDIUM

Linux Kernel - Information Disclosure via Spectre-BHB Branch History Injection

Title source: llm

Description

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.

References (1)

Core 1

Core References

Mailing List, Patch

https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=0e5d5ae837c8

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 17.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-212 CWE-226

Status published

Products (1)

linux/linux_kernel 6.1 rc1

Published May 31, 2023

Tracked Since Feb 18, 2026