CVE-2022-23960 : Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly re

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information.

Published 2022-03-13 00:15:08

Updated 2023-01-20 02:34:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2022-23960

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: N/A
cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a57 » Version: N/A
When used together with: ARM » Cortex-a65 » Version: N/A
When used together with: ARM » Cortex-a65ae » Version: N/A
When used together with: ARM » Cortex-a710 » Version: N/A
When used together with: ARM » Cortex-a72 » Version: N/A
When used together with: ARM » Cortex-a73 » Version: N/A
When used together with: ARM » Cortex-a75 » Version: N/A
When used together with: ARM » Cortex-a76 » Version: N/A
When used together with: ARM » Cortex-a76ae » Version: N/A
When used together with: ARM » Cortex-a77 » Version: N/A
When used together with: ARM » Cortex-a78 » Version: N/A
When used together with: ARM » Cortex-a78ae » Version: N/A
When used together with: ARM » Cortex-r7 » Version: N/A
When used together with: ARM » Cortex-r8 » Version: N/A
When used together with: ARM » Cortex-x1 » Version: N/A
When used together with: ARM » Cortex-x2 » Version: N/A
When used together with: ARM » Neoverse-e1 » Version: N/A
When used together with: ARM » Neoverse-v1 » Version: N/A
When used together with: ARM » Neoverse N1 » Version: N/A
When used together with: ARM » Neoverse N2 » Version: N/A
ARM » Cortex-a57 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a57 » Version: N/A
ARM » Cortex-a72 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a72 » Version: N/A
ARM » Cortex-a73 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a73 » Version: N/A
ARM » Cortex-r7 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-r7_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-r7 » Version: N/A
ARM » Cortex-r8 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-r8_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-r8 » Version: N/A
ARM » Cortex-a75 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a75 » Version: N/A
ARM » Cortex-a76 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a76 » Version: N/A
ARM » Cortex-a77 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a77 » Version: N/A
ARM » Cortex-a78 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a78 » Version: N/A
ARM » Cortex-a78ae Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a78ae » Version: N/A
ARM » Neoverse N1 Firmware » Version: N/A
cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Neoverse N1 » Version: N/A
ARM » Neoverse N2 Firmware » Version: N/A
cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Neoverse N2 » Version: N/A
ARM » Cortex-x1 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-x1 » Version: N/A
ARM » Neoverse-e1 Firmware » Version: N/A
cpe:2.3:o:arm:neoverse-e1_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Neoverse-e1 » Version: N/A
ARM » Neoverse-v1 Firmware » Version: N/A
cpe:2.3:o:arm:neoverse-v1_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Neoverse-v1 » Version: N/A
ARM » Cortex-a65 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a65_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a65 » Version: N/A
ARM » Cortex-a65ae Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a65ae_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a65ae » Version: N/A
ARM » Cortex-a76ae Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a76ae_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a76ae » Version: N/A
ARM » Cortex-x2 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-x2_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-x2 » Version: N/A
ARM » Cortex-a710 Firmware » Version: N/A
cpe:2.3:o:arm:cortex-a710_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: ARM » Cortex-a710 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-23960

EPSS FAQ

0.11%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 27 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-23960

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.9	LOW	AV:L/AC:M/Au:N/C:P/I:N/A:N	3.4	2.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.6	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N	1.1	4.0	NIST
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: None Availability: None

References for CVE-2022-23960

https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html

[SECURITY] [DLA 3065-1] linux security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://developer.arm.com/support/arm-security-updates

Arm Security Updates – Arm Developer
Vendor Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2022/03/18/2

oss-security - Xen Security Advisory 398 v2 - Multiple speculative security issues
Mailing List;Patch;Third Party Advisory

CVEs referencing this url
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Speculative Processor Vulnerability – Arm Developer
Mitigation;Patch;Vendor Advisory

CVEs referencing this url
https://www.debian.org/security/2022/dsa-5173

Debian -- Security Information -- DSA-5173-1 linux
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-23960

Products affected by CVE-2022-23960

Exploit prediction scoring system (EPSS) score for CVE-2022-23960

CVSS scores for CVE-2022-23960

References for CVE-2022-23960