VDB

CISA-2024-36349

CISA-2024-36349 PUBLISHED CVSS 3.8 LOW

Reported by AMD · Published July 8, 2025

A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

Risk Scores

CVSS 3.1
3.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Affected Products

VendorProductVersions
AMDAMD EPYC™ 7002 Series Processorsall
AMDAMD EPYC™ 7003 Series Processorsall
AMDAMD EPYC™ 9004 Series Processorsall
AMDAMD EPYC™ 8004 Series Processorsall
AMDAMD EPYC™ 4004 Series Processorsall
AMDAMD EPYC™ 9V64H Processorall
AMDAMD Ryzen™ 5000 Series Desktop Processorsall
AMDAMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphicsall
AMDAMD Ryzen™ 3000 Series Desktop Processorsall
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphicsall
AMDAMD Ryzen™ 7000 Series Desktop Processorsall
AMDAMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphicsall
AMDAMD Ryzen™ 8000 Series Processor with Radeon™ Graphicsall
AMDAMD Ryzen™ Threadripper™ 3000 Series Processorsall
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processorsall
AMDAMD Ryzen™ Threadripper™ PRO 3000WX Series Processorsall
AMDAMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processorsall
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ Graphicsall
AMDAMD Ryzen™ 6000 Series Processor with Radeon™ Graphicsall
AMDAMD Ryzen™ 7035 Series Processor with Radeon™ Graphicsall

…and 58 more

Timeline

  • Jul 8, 2025 CVE Published
  • Jul 9, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›