Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in (1) an out-of-bounds read which leaks Secure-EL0 information to a process running in Non-Secure state or (2) an out-of-bounds write which corrupts Secure or Non-Secure memory, limited to memory mapped to UEFI-MM Secure Partition by the Secure Partition Manager.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| amperecomputing | ampereone_a192-32m_firmware | 5.4.5.1 | - |
| amperecomputing | ampereone_a192-26m_firmware | 5.4.5.1 | - |
| amperecomputing | ampereone_a160-28m_firmware |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
14
Affected Products
2
References
amperecomputing / ampereone_a192-32m_firmware
| 5.4.5.1 |
| - |
| amperecomputing | ampereone_a144-33m_firmware | 5.4.5.1 | - |
| amperecomputing | ampereone_a144-26m_firmware | 5.4.5.1 | - |
| amperecomputing | ampereone_a96-36m_firmware | 5.4.5.1 | - |
| amperecomputing | ampereone_a96-36x_firmware | 4.4.5.2 | - |
| amperecomputing | ampereone_a128-34x_firmware | 4.4.5.2 | - |
| amperecomputing | ampereone_a144-24x_firmware | 4.4.5.2 | - |
| amperecomputing | ampereone_a144-27x_firmware | 4.4.5.2 | - |
| amperecomputing | ampereone_a160-28x_firmware | 4.4.5.2 | - |
| amperecomputing | ampereone_a192-26x_firmware | 4.4.5.2 | - |
| amperecomputing | ampereone_a192-26x_firmware | 3.5.9.3 | - |
| amperecomputing | ampereone_a192-32x_firmware | 3.5.9.3 | - |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
Exploitability
Impact