Описание
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| amd64-microcode | unfixed | package | ||
| linux | fixed | 6.12.37-1 | package | |
| xen | unfixed | package | ||
| xen | end-of-life | bullseye | package |
Примечания
https://xenbits.xen.org/xsa/advisory-471.html
https://www.amd.com/content/dam/amd/en/documents/resources/bulletin/technical-guidance-for-mitigating-transient-scheduler-attacks.pdf
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html
https://aka.ms/enter-exit-leak
https://www.microsoft.com/en-us/research/wp-content/uploads/2025/07/Enter-Exit-SP26.pdf
https://gitlab.com/kernel-firmware/linux-firmware/-/commit/331eac9144402d6cfa02ff3b2888a40bb9a7a01a
https://gitlab.com/kernel-firmware/linux-firmware/-/commit/3768c184de68a85b9df6697e7f93a2f61de90a99
EPSS
Связанные уязвимости
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
EPSS