CVE-2023-3006

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*

History

08 Jun 2023, 02:38

Type Values Removed Values Added
First Time Linux
Linux linux Kernel
CPE cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
References (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=0e5d5ae837c8 - (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=0e5d5ae837c8 - Mailing List, Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-212

31 May 2023, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-31 20:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-3006

Mitre link : CVE-2023-3006

CVE.ORG link : CVE-2023-3006


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-212

Improper Removal of Sensitive Information Before Storage or Transfer

CWE-226

Sensitive Information in Resource Not Removed Before Reuse