ALPINE-CVE-2024-36357

ALPINE-CVE-2024-36357 PUBLISHED CVSS 5.599999904632568 MEDIUM

A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.

Risk Scores

CVSS v3.1

5.599999904632568

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Alpine:v3.21	xen	4.15.0-r2, 4.9.1-r3, 4.9.1-r2
Alpine:v3.22	xen	4.13.1-r1, 4.13.1-r2, 4.13.1-r3
Alpine:v3.19	xen	0, 4.0.1-r0, 4.0.1-r1
Alpine:v3.23	xen	4.9.1-r3, 4.13.0-r4, 4.13.1-r0
Alpine:v3.20	xen	4.9.1-r2, 4.9.1-r1, 4.9.1-r0

Timeline

Jul 8, 2025 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2024-36357 advisory

Open in Interactive Console →