CVE-2024-36349: A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting…

low3.8CVSS 3.1

AVLACLPRLUINSCCLINAN

A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

Affected

39 ranges· showing 25

Vendor	Product	Version range	Fixed in
amd	amd_athlon_3000_series_desktop_processors_with_radeon_graphics	—	—
amd	amd_athlon_3000_series_mobile_processors_with_radeon_graphics	—	—
amd	amd_epyc_4004_series_processors	—	—
amd	amd_epyc_7002_series_processors	—	—
amd	amd_epyc_7003_series_processors	—	—
amd	amd_epyc_8004_series_processors	—	—
amd	amd_epyc_9004_series_processors	—	—
amd	amd_epyc_9v64h_processor	—	—
amd	amd_epyc_embedded_3000_series_processors	—	—
amd	amd_epyc_embedded_7002_series_processors	—	—
amd	amd_epyc_embedded_7003_series_processors	—	—
amd	amd_epyc_embedded_8004_series_processors	—	—
amd	amd_epyc_embedded_9004_series_processors	—	—
amd	amd_ryzen_3000_series_desktop_processors	—	—
amd	amd_ryzen_3000_series_mobile_processor_with_radeon_graphics	—	—
amd	amd_ryzen_4000_series_desktop_processor_with_radeon_graphics	—	—
amd	amd_ryzen_5000_series_desktop_processor_with_radeon_graphics	—	—
amd	amd_ryzen_5000_series_desktop_processors	—	—
amd	amd_ryzen_6000_series_processor_with_radeon_graphics	—	—
amd	amd_ryzen_7000_series_desktop_processors	—	—
amd	amd_ryzen_7000_series_mobile_processors	—	—
amd	amd_ryzen_7000_series_processors_with_radeon_graphics	—	—
amd	amd_ryzen_7020_series_processors_with_radeon_graphics	—	—
amd	amd_ryzen_7035_series_processor_with_radeon_graphics	—	—
amd	amd_ryzen_7040_series_processors_with_radeon_graphics	—	—

CVSS provenance

nvdv3.13.8LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

osv3.8LOW