vulnerability

Debian: CVE-2023-3006: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:C/I:N/A:N)	May 31, 2023	Jul 30, 2024	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:N/A:N)

Published

May 31, 2023

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.

Solution

debian-upgrade-linux

References

CVE-2023-3006
https://attackerkb.com/topics/CVE-2023-3006
CWE-212
CWE-226
EUVD-EUVD-2023-43699
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-43699

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report