cvedb.io
CVE-2022-37459
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2022-08-17T13:15:08.433 · Last modified 2026-06-17T04:55:07.693

Summary

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue.

Affected products

amperecomputing — ampere_altra_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when amperecomputing ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.