Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.6
CVSSv3

CVE-2022-23960

Published: 13/03/2022 Updated: 20/01/2023
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 5.6 | Impact Score: 4 | Exploitability Score: 1.1
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Xen

Vulnerability Summary

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the malicious user to obtain sensitive information.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen -

arm cortex-r7_firmware -

arm cortex-r8_firmware -

arm cortex-a57_firmware -

arm cortex-a65_firmware -

arm cortex-a65ae_firmware -

arm cortex-a710_firmware -

arm cortex-a72_firmware -

arm cortex-a73_firmware -

arm cortex-a75_firmware -

arm cortex-a76_firmware -

arm cortex-a76ae_firmware -

arm cortex-a77_firmware -

arm cortex-a78_firmware -

arm cortex-a78ae_firmware -

arm cortex-x1_firmware -

arm cortex-x2_firmware -

arm neoverse-e1_firmware -

arm neoverse-v1_firmware -

arm neoverse_n1_firmware -

arm neoverse_n2_firmware -

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Red Hat: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security update
Synopsis Moderate: Logging Subsystem 555 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic Logging Subsystem 555 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Red Hat: Important: Red Hat Advanced Cluster Management 2.6.3 security update
Synopsis Important: Red Hat Advanced Cluster Management 263 security update Type/Severity Security Advisory: Important Topic Red Hat Advanced Cluster Management for Kubernetes 263 GeneralAvailability release images, which provide security updates, fix bugs, and update container imagesRed Hat Product Security has rated this update as havi ...
Red Hat: Moderate: Openshift Logging 5.3.14 bug fix release and security update
Synopsis Moderate: Openshift Logging 5314 bug fix release and security update Type/Severity Security Advisory: Moderate Topic Openshift Logging Bug Fix Release (5314)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Debian Security Advisories: DSA-5173-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escalate privileges CVE-2022-0494 The ...
Ubuntu Security Notice: USN-5318-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5317-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5362-1: Linux kernel (Intel IOTG) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat:
A new cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, was found in hw Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context Once that occurs, s ...

Recent Articles

Microsoft fixes Windows security hole likely widely exploited by miscreants
The Register • Jessica Lyons Hardcastle • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Plus: Nasty no-auth RCE in TCP/IP stack, and many more updates

Patch Tuesday September's Patch Tuesday is here and it brings, among other things, fixes from Microsoft for one security bug that miscreants have used to fully take over Windows systems along with details of a second vulnerability that, while not yet under attack, has already been publicly disclosed. In total, Redmond patched or addressed 62 security flaws today. This batch includes five "critical" remote code execution (RCE) vulnerabilities, and Microsoft ranked the rest as "important." The bug...

Read more...
Another data-leaking Spectre bug found, smashes Intel, Arm defenses
The Register • Thomas Claburn in San Francisco • 01 Jan 1970

Get our weekly newsletter Your processor design fell off the vulnerability tree and hit every branch on the way down

Analysis Intel this month published an advisory to address a novel Spectre v2 vulnerability in its processors that can be exploited by malware to steal data from memory that should otherwise be off limits. Arm said a number of its processor cores are also affected by this security flaw, and like Intel, its hardware defenses can't block it outright, leaving developers to implement software-level mitigations. The latest Spectre revival, identified by academics at VU Amsterdam, is known as Branch H...

Read more...

References

NVD-CWE-noinfohttps://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabilityhttps://developer.arm.com/support/arm-security-updateshttp://www.openwall.com/lists/oss-security/2022/03/18/2https://lists.debian.org/debian-lts-announce/2022/07/msg00000.htmlhttps://www.debian.org/security/2022/dsa-5173https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2022:8781https://ubuntu.com/security/notices/USN-5318-1https://www.debian.org/security/2022/dsa-5173
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook