CVE-2024-36348

A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.

CVSS v3 3.8 LOW

3.8^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html

Configurations

No configuration.

History

10 Jul 2025, 13:19

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de ejecución transitoria en algunos AMD processors puede permitir que un proceso de usuario infiera los registros de control de manera especulativa incluso si la función UMIP está habilitada, lo que podría provocar una fuga de información.

08 Jul 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-08 17:15

Updated : 2025-07-10 13:19

NVD link : CVE-2024-36348

Mitre link : CVE-2024-36348

CVE.ORG link : CVE-2024-36348

JSON object : View

Products Affected

No product.

CWE

No CWE.

3.8 /10