CVE-2024-36357
MEDIUM5.6EPSS 0.10%Published: 7/8/2025Modified: 4/28/2026
Description
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
Affected packages (5)
- Alpine/xenfrom 0, < 4.18.5-r1
- Debian/amd64-microcodefrom 0
- Debian/linuxfrom 0, < 5.10.244-1
- Debian/linux-6.1from 0, < 6.1.153-1~deb11u1
- Debian/xenfrom 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.6 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |