Main Vulnerability Database SB2025070882

SB2025070882 - Multiple information disclosure vulnerabilities in AMD processors

Published: July 8, 2025

Security Bulletin ID SB2025070882

Severity

Low

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Local access

Highest impact Information disclosure

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2024-36357)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information leak. A local user can obtain sensitive data from the L1D cache.

2) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2024-36350)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information leak. A local user can obtain sensitive data from previous stores.

Install update from vendor's website.