CNNVD-202512-2849 Information
CNNVD ID
CNNVD-202512-2849
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
Ampere Computing AmpereOne AC03等都是美国Ampere Computing公司的一款处理器芯片。 Ampere Computing多款产品存在安全漏洞,该漏洞源于SMC调用格式错误,可能导致PCIe驱动程序S-EL0地址空间越界写入。以下产品和版本受到影响:Ampere AmpereOne AC03 3.5.9.3之前版本、AmpereOne AC04 4.4.5.2之前版本和AmpereOne M 5.4.5.1之前版本。
Description (English)
Ampere Marketing AmpereOne AC03 is a processor chip of the United States company Ampere Company. There is a safety loophole in the Ampere Computing multi-products, which stems from SMC ’ s misformatting, which may result in PCIE driver S-EL0 address space being crossed for writing. The following products and versions were affected: Ampere AmpereOne AC03 3.5.9.3, AmpereOne AC04 4.4.5.2 and AmpereOne M 5.4.5.1.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Ampere Computing
Published
2025-12-16
Last Modified
2026-02-24
References
https://amperecomputing.com/products/product-security https://amperecomputing.com/products/security-bulletins/amp-sb-0007
Patch
https://amperecomputing.com/products/security-bulletins/amp-sb-0007
Share on: