SARA / Free Tools / CVE / CVE-2024-36350

CVE-2024-36350 — A transient execution vulnerability in some AMD processors may allow an attacker

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.

CVSS
5.6 MEDIUM
EPSS
2.00% (top 94.50%)
CWE
CWE-1421
Published
2025-07-08T16:56:39.834Z
Last modified
2025-11-04T21:08:39.481Z
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

01What is this vulnerability?

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.

02Affected products

VendorProductVersions
AMDAMD EPYC™ 7003 Series ProcessorsMilanPI 1.0.0.G + OS Updates
AMDAMD EPYC™ 9004 Series ProcessorsGenoaPI 1.0.0.E + OS Updates
AMDAMD EPYC™ 8004 Series ProcessorsGenoaPI 1.0.0.E + OS Updates
AMDAMD EPYC™ 9V64H ProcessorMI300PI 1.0.0.7 + OS Updates
AMDAMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.E + OS Updates
AMDAMD Ryzen™ 5000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.E + OS Updates
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.2.0.3 + OS Updates, ComboAM5PI 1.0.0.a+ OS Updates, ComboAM5PI 1.1.0.3c+ OS Updates
AMDAMD Ryzen™ 8000 Series Processor with Radeon™ GraphicsComboAM5PI 1.2.0.3 + OS Updates, ComboAM5PI 1.1.0.3c+ OS Updates
AMDAMD Ryzen™ Threadripper™ PRO 7000 WXSeries Processors — StormPeakPI-SP6 1.1.0.0i + OS Updates, StormPeakPI-SP6 1.0.0.1k + OS Updates
AMDAMD Ryzen™ 6000 Series Processor with Radeon™ GraphicsRembrandtPI-FP7 1.0.0.Bb + OS Updates
AMDAMD Ryzen™ 7035 Series Processor with Radeon™ GraphicsRembrandtPI-FP7 1.0.0.Bb + OS Updates
AMDAMD Ryzen™ 7000 Series Processors with Radeon™ GraphicsCezannePI-FP6 1.0.1.1b + OS Updates
AMDAMD Ryzen™ 7040 Series Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
AMDAMD Ryzen™ 7000 Series Mobile ProcessorsDragonRangeFL1 1.0.0.3g + OS Updates
AMDAMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 1.0.0.A + OS updates
AMDAMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.9 + OS updates
AMDAMD EPYC™ Embedded 9004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.9 + OS updates
AMDAMD Ryzen™ Embedded 5000 Series ProcessorsEmbAM4PI 1.0.0.7 + OS Update
AMDAMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.3 + OS updates
AMDAMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 100C + OS updates
AMDAMD EPYC™ Embedded 97X4EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMDAMD Ryzen™ 5000 Series Processors with Radeon™ GraphicsCezannePI-FP6 1.0.1.1b + OS Updates

03Active exploitation status

Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.

04Recommended remediation

05Technical details

For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.

06Detection signatures

Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:

Open in Sigma generator →

07Related CVEs

No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.

08Timeline

09References

Want this in your SOAR or SIEM?
SARA's API returns EPSS, CVSS, KEV, and an analyst-grade summary in one call.
Read the API reference →
EPSS detail → Search KEV → Ask SARA →