CVE-2024-36315

CVE-2024-36315

CVSS 5.7 MEDIUMEPSS 0.1%CWE-693

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.7EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

13 May 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality.

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

AMD · AMD EPYC™ 8004 Series Processors AMD · AMD EPYC™ Embedded 8004 Series Processors AMD · AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")AMD · AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")AMD · AMD EPYC™Series 4004 Processors AMD · AMD EPYC™ Series 9004 Processors AMD · AMD Instinct™ MI300A Series Processors AMD · AMD Ryzen™ 7000 Series Desktop Processors AMD · AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael")AMD · AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ 8000 Series Desktop Processors AMD · AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")AMD · AMD Ryzen™ 9000 Series Desktop Processors AMD · AMD Ryzen™ Embedded 7000 Series Processors AMD · AMD Ryzen™ Embedded 8000 Series Processors AMD · AMD Ryzen™ Z1 Series Processors

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html