Ampere Altra Firmware

ampere_altra_firmware

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-46892 1Amperecomputing 2Ampere Altra Firmware Ampere Altra Max Firmware Mar 19, 2025 Feb 15, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.
CVE-2022-35888 1Amperecomputing 3Ampere Altra Firmware Ampere Altra Max FirmwareAmpereone Firmware May 20, 2025 Sep 29, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data...Show more Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system.Show less
CVE-2022-37459 1Amperecomputing 2Ampere Altra Firmware Ampere Altra Max Firmware Nov 21, 2024 Aug 17, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel at...Show more Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue.Show less
CVE-2021-45454 1Amperecomputing 2Ampere Altra Firmware Ampere Altra Max Firmware Nov 21, 2024 Aug 17, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power telemetry via HWmon.
CVE-2022-32295 1Amperecomputing 2Ampere Altra Firmware Ampere Altra Max Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.
CVE-2022-25368 2Amperecomputing Arm 22Ampere Altra Firmware Ampere Altra Max FirmwareCortex A15 Firmware+19 more Nov 21, 2024 Mar 10, 2022 N/A· v4 4.7 MEDIUM· v3 1.9 LOW· v2 Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispr...Show more Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.Show less