CVE-2024-36349

Description

A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

None

Availability

None

Affected products

AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphicsall – all
AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphicsall – all
AMD / AMD EPYC™ 4004 Series Processorsall – all
AMD / AMD EPYC™ 7002 Series Processorsall – all
AMD / AMD EPYC™ 7003 Series Processorsall – all
AMD / AMD EPYC™ 8004 Series Processorsall – all
AMD / AMD EPYC™ 9004 Series Processorsall – all
AMD / AMD EPYC™ 9V64H Processorall – all
AMD / AMD EPYC™ Embedded 3000 Series Processorsall – all
AMD / AMD EPYC™ Embedded 7002 Series Processorsall – all
AMD / AMD EPYC™ Embedded 7003 Series Processorsall – all
AMD / AMD EPYC™ Embedded 8004 Series Processorsall – all
AMD / AMD EPYC™ Embedded 9004 Series Processorsall – all
AMD / AMD Ryzen™ 3000 Series Desktop Processorsall – all
AMD / AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 5000 Series Desktop Processorsall – all
AMD / AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 6000 Series Processor with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 7000 Series Desktop Processorsall – all
AMD / AMD Ryzen™ 7000 Series Mobile Processorsall – all
AMD / AMD Ryzen™ 7000 Series Processors with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 7035 Series Processor with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 7040 Series Processors with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 8000 Series Processor with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphicsall – all
AMD / AMD Ryzen™ Embedded 5000 Series Processorsall – all
AMD / AMD Ryzen™ Embedded 7000 Series Processorsall – all
AMD / AMD Ryzen™ Embedded R1000 Series Processorsall – all
AMD / AMD Ryzen™ Embedded R2000 Series Processorsall – all
AMD / AMD Ryzen™ Embedded V1000 Series Processorsall – all
AMD / AMD Ryzen™ Embedded V2000 Series Processorsall – all
AMD / AMD Ryzen™ Embedded V3000 Series Processorsall – all
AMD / AMD Ryzen™ Threadripper™ 3000 Series Processorsall – all
AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series Processorsall – all
AMD / AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processorsall – all
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processorsall – all

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html