Vulnerability in Amd Epyc™ 8004 Series Processors

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality.

EPSS: 0.000 (8.3th percentile) — read the EPSS interpretation.

Affected products

Amd Epyc™ 8004 Series Processors — versions GenoaPI_1.0.0.E
Amd Epyc™ Embedded 8004 Series Processors — versions EmbGenoaPI-SP5 1.0.0.D
Amd Epyc™ Embedded 9004 Series Processors (Formerly Codenamed "Bergamo") — versions EmbGenoaPI-SP5 1.0.0.D
Amd Epyc™ Embedded 9004 Series Processors (Formerly Codenamed "Genoa") — versions EmbGenoaPI-SP5 1.0.0.D
Amd Epyc™series 4004 Processors — versions ComboAM5PI_1.0.0.a/ ComboAM5PI_1.1.0.3c/ ComboAM5PI_1.2.0.3
Amd Epyc™ Series 9004 Processors — versions GenoaPI_1.0.0.E
Amd Instinct™ Mi300a Series Processors — versions MI300PI 1.0.0.7
Amd Ryzen™ 7000 Series Desktop Processors — versions ComboAM5PI_1.0.0.a, ComboAM5PI_1.1.0.3c, ComboAM5PI_1.2.0.3
Amd Ryzen™ 7000 Series Desktop Processors (Formerly Codenamed "Raphael") — versions ComboAM5PI_1.3.0.0
Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics — versions PhoenixPI-FP8-FP7_1.2.0.0

Weakness classification (CWE)

CWE-693 — Protection Mechanism Failure

References