CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information.

CVSS v3 5.6 MEDIUM
CVSS v2.0 1.9 LOW

5.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.1 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

1.9^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 3.4 / Impact : 2.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.openwall.com/lists/oss-security/2022/03/18/2	Mailing List Patch Third Party Advisory
https://developer.arm.com/support/arm-security-updates	Vendor Advisory
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability	Mitigation Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html	Mailing List Third Party Advisory
https://www.debian.org/security/2022/dsa-5173	Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/03/18/2	Mailing List Patch Third Party Advisory
https://developer.arm.com/support/arm-security-updates	Vendor Advisory
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability	Mitigation Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html	Mailing List Third Party Advisory
https://www.debian.org/security/2022/dsa-5173	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:arm:cortex-a57:-:::::::*
	cpe:2.3:h:arm:cortex-a65:-:::::::*
	cpe:2.3:h:arm:cortex-a65ae:-:::::::*
	cpe:2.3:h:arm:cortex-a710:-:::::::*
	cpe:2.3:h:arm:cortex-a72:-:::::::*
	cpe:2.3:h:arm:cortex-a73:-:::::::*
	cpe:2.3:h:arm:cortex-a75:-:::::::*
	cpe:2.3:h:arm:cortex-a76:-:::::::*
	cpe:2.3:h:arm:cortex-a76ae:-:::::::*
	cpe:2.3:h:arm:cortex-a77:-:::::::*
	cpe:2.3:h:arm:cortex-a78:-:::::::*
	cpe:2.3:h:arm:cortex-a78ae:-:::::::*
	cpe:2.3:h:arm:cortex-r7:-:::::::*
	cpe:2.3:h:arm:cortex-r8:-:::::::*
	cpe:2.3:h:arm:cortex-x1:-:::::::*
	cpe:2.3:h:arm:cortex-x2:-:::::::*
	cpe:2.3:h:arm:neoverse-e1:-:::::::*
	cpe:2.3:h:arm:neoverse-v1:-:::::::*
	cpe:2.3:h:arm:neoverse_n1:-:::::::*
	cpe:2.3:h:arm:neoverse_n2:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:arm:cortex-r7_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-r7:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:arm:cortex-r8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-r8:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:arm:cortex-a65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a65:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:arm:cortex-a65ae_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a65ae:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:arm:cortex-a710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a710:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:arm:cortex-a76ae_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a76ae:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:arm:cortex-x2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:cortex-x2:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:arm:neoverse-e1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:neoverse-e1:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:neoverse-v1:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*

Configuration 22 (hide)

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

History

21 Nov 2024, 06:49

Type	Values Removed	Values Added
References	~~() http://www.openwall.com/lists/oss-security/2022/03/18/2 - Mailing List, Patch, Third Party Advisory~~	() http://www.openwall.com/lists/oss-security/2022/03/18/2 - Mailing List, Patch, Third Party Advisory
References	~~() https://developer.arm.com/support/arm-security-updates - Vendor Advisory~~	() https://developer.arm.com/support/arm-security-updates - Vendor Advisory
References	~~() https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability - Mitigation, Patch, Vendor Advisory~~	() https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability - Mitigation, Patch, Vendor Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory~~	() https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory
References	~~() https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory~~	() https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory

04 Jul 2022, 11:15

Type	Values Removed	Values Added
References		(DEBIAN) https://www.debian.org/security/2022/dsa-5173 -

01 Jul 2022, 14:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html -

22 Mar 2022, 17:23

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 1.9 v3 : 5.6
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:o:arm:cortex-x1_firmware:-:::::::* cpe:2.3:h:arm:cortex-a72:-:::::::* cpe:2.3:o:arm:cortex-a73_firmware:-:::::::* cpe:2.3:o:arm:cortex-x2_firmware:-:::::::* cpe:2.3:o:arm:cortex-r8_firmware:-:::::::* cpe:2.3:h:arm:cortex-a76ae:-:::::::* cpe:2.3:o:arm:cortex-a76_firmware:-:::::::* cpe:2.3:h:arm:neoverse_n1:-:::::::* cpe:2.3:h:arm:cortex-x1:-:::::::* cpe:2.3:h:arm:neoverse-e1:-:::::::* cpe:2.3:h:arm:cortex-a78ae:-:::::::* cpe:2.3:o:xen:xen:-:::::::* cpe:2.3:h:arm:cortex-r8:-:::::::* cpe:2.3:h:arm:cortex-a78:-:::::::* cpe:2.3:o:arm:cortex-a710_firmware:-:::::::* cpe:2.3:o:arm:cortex-r7_firmware:-:::::::* cpe:2.3:h:arm:neoverse_n2:-:::::::* cpe:2.3:o:arm:cortex-a75_firmware:-:::::::* cpe:2.3:h:arm:cortex-a73:-:::::::* cpe:2.3:h:arm:cortex-x2:-:::::::* cpe:2.3:h:arm:cortex-a75:-:::::::* cpe:2.3:o:arm:neoverse-e1_firmware:-:::::::* cpe:2.3:h:arm:cortex-a57:-:::::::* cpe:2.3:h:arm:cortex-a65:-:::::::* cpe:2.3:o:arm:cortex-a65_firmware:-:::::::* cpe:2.3:o:arm:cortex-a78_firmware:-:::::::* cpe:2.3:o:arm:cortex-a78ae_firmware:-:::::::* cpe:2.3:h:arm:cortex-a76:-:::::::* cpe:2.3:h:arm:neoverse-v1:-:::::::* cpe:2.3:h:arm:cortex-r7:-:::::::* cpe:2.3:o:arm:neoverse_n2_firmware:-:::::::* cpe:2.3:o:arm:cortex-a65ae_firmware:-:::::::* cpe:2.3:o:arm:neoverse_n1_firmware:-:::::::* cpe:2.3:o:arm:cortex-a57_firmware:-:::::::* cpe:2.3:o:arm:cortex-a72_firmware:-:::::::* cpe:2.3:h:arm:cortex-a710:-:::::::* cpe:2.3:o:arm:neoverse-v1_firmware:-:::::::* cpe:2.3:o:arm:cortex-a76ae_firmware:-:::::::* cpe:2.3:o:arm:cortex-a77_firmware:-:::::::* cpe:2.3:h:arm:cortex-a77:-:::::::* cpe:2.3:h:arm:cortex-a65ae:-:::::::*
References	~~(MISC) https://developer.arm.com/support/arm-security-updates -~~	(MISC) https://developer.arm.com/support/arm-security-updates - Vendor Advisory
References	~~(CONFIRM) https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability -~~	(CONFIRM) https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability - Mitigation, Patch, Vendor Advisory
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2022/03/18/2 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2022/03/18/2 - Mailing List, Patch, Third Party Advisory

18 Mar 2022, 18:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2022/03/18/2 -

13 Mar 2022, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-03-13 00:15

Updated : 2024-11-21 06:49

NVD link : CVE-2022-23960

Mitre link : CVE-2022-23960

CVE.ORG link : CVE-2022-23960

JSON object : View

Products Affected

arm

cortex-a65ae
cortex-a78ae_firmware
cortex-r8_firmware
cortex-a77_firmware
cortex-a72
cortex-r8
cortex-x2
cortex-a78_firmware
cortex-a57
neoverse-v1
cortex-a57_firmware
cortex-a76
cortex-x2_firmware
cortex-a72_firmware
cortex-a76ae_firmware
cortex-a65
cortex-x1_firmware
cortex-a78
cortex-x1
cortex-a65_firmware
cortex-r7
neoverse-e1
neoverse_n2
cortex-a710_firmware
neoverse-v1_firmware
cortex-a75
cortex-a73
neoverse_n2_firmware
cortex-a77
neoverse_n1
neoverse_n1_firmware
cortex-a73_firmware
neoverse-e1_firmware
cortex-r7_firmware
cortex-a65ae_firmware
cortex-a76_firmware
cortex-a710
cortex-a78ae
cortex-a75_firmware
cortex-a76ae

debian

debian_linux

xen

CWE

NVD-CWE-noinfo

5.6 /10

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

1.9 /10

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2022-23960

5.6^/10

1.9^/10

Attach tags to `CVE-2022-23960`