This page lists publicly disclosed CVE vulnerabilities affecting arm cortex-a72_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-10929 | In certain circumstances, an issue in Arm Cortex-A57, Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history. | [email protected] | 5.1 | 0.12% | 2025-01-22 | 2025-12-18 |
| CVE-2022-48251 | The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture." | [email protected] | 7.5 | 0.37% | 2023-01-10 | 2024-11-21 |
| CVE-2022-23960 | Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. | [email protected] | 5.6 | 0.19% | 2022-03-13 | 2024-11-21 |
| CVE-2022-25368 | Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected. | [email protected] | 4.7 | 0.29% | 2022-03-10 | 2024-11-21 |
| CVE-2020-13844 | Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." | [email protected] | 5.5 | 0.08% | 2020-06-08 | 2024-11-21 |
| CVE-2017-5753 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | [email protected] | 5.6 | 94.33% | 2018-01-04 | 2026-05-28 |