CVE-2024-36348

{"id": "CVE-2024-36348", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.0}]}, "published": "2025-07-08T17:15:31.200", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html", "source": "psirt@amd.com"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n transitoria en algunos AMD processors puede permitir que un proceso de usuario infiera los registros de control de manera especulativa incluso si la funci\u00f3n UMIP est\u00e1 habilitada, lo que podr\u00eda provocar una fuga de informaci\u00f3n."}], "lastModified": "2025-07-10T13:19:18.800", "sourceIdentifier": "psirt@amd.com"}