Ampere Altra devices prior to 1.08g and Ampere Altra Max devices prior to 2.05a allow malicious users to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
amperecomputing ampere_altra_firmware |
||
amperecomputing ampere_altra_max_firmware |