← volver
CVE-2024-36315

CVE-2024-36315

CVSS 5.7 MEDIUMEPSS 0.1%CWE-693
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.7EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 may 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality.
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
AMD · AMD EPYC™ 8004 Series ProcessorsAMD · AMD EPYC™ Embedded 8004 Series ProcessorsAMD · AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")AMD · AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")AMD · AMD EPYC™Series 4004 ProcessorsAMD · AMD EPYC™ Series 9004 ProcessorsAMD · AMD Instinct™ MI300A Series ProcessorsAMD · AMD Ryzen™ 7000 Series Desktop ProcessorsAMD · AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael")AMD · AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 8000 Series Desktop ProcessorsAMD · AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")AMD · AMD Ryzen™ 9000 Series Desktop ProcessorsAMD · AMD Ryzen™ Embedded 7000 Series ProcessorsAMD · AMD Ryzen™ Embedded 8000 Series ProcessorsAMD · AMD Ryzen™ Z1 Series Processors

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html