CVE-2023-3006
Summary
| CVE | CVE-2023-3006 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-05-31 20:15:00 UTC |
|---|
| Updated | 2023-06-08 02:38:00 UTC |
|---|
| Description | A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Linux |
Linux Kernel |
6.1 |
rc1 |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| kernel/git/arm64/linux.git - AArch64 Linux kernel port |
MISC |
git.kernel.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181847 Debian Security Update for linux (CVE-2023-3006)
- 199997 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6548-1)
- 199999 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6548-2)
- 200006 Ubuntu Security Notification for Linux kernel (Oracle) Vulnerabilities (USN-6548-3)
- 200037 Ubuntu Security Notification for Linux kernel (IoT) Vulnerabilities (USN-6548-5)
- 200202 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6701-1)
- 200209 Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-6701-2)
- 200222 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6701-3)
- 200244 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6701-4)
- 379043 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)
- 379435 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2024:0012)
- 673372 EulerOS Security Update for kernel (EulerOS-SA-2023-2787)
- 673970 EulerOS Security Update for kernel (EulerOS-SA-2023-2879)
- 755851 SUSE Enterprise Linux Security Update for the linux kernel (SUSE-SU-2023:2646-1)
