DEBIAN-CVE-2023-3006
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 31 May 2023, 20:15
Last modified:28 Apr 2026, 20:26
Vulnerability Summary
Overall Risk (default)
low
22/100 CVSS Score
5.5 MEDIUM
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 May 2023, 20:15
Published
Vulnerability first disclosed
28 Apr 2026, 20:26
Last Modified
Vulnerability information updated
Description
A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Systems
- debian•linux
< 5.10.158-1 | < 6.0.7-1 | < 6.0.7-1 | < 6.0.7-1