{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-36315","assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","state":"PUBLISHED","assignerShortName":"AMD","dateReserved":"2024-05-23T19:44:32.297Z","datePublished":"2026-05-13T03:07:34.076Z","dateUpdated":"2026-05-13T03:08:31.800Z"},"containers":{"cna":{"providerMetadata":{"orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD","dateUpdated":"2026-05-13T03:08:31.800Z"},"datePublic":"2026-05-13T03:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-693","description":"CWE-693  Protection Mechanism Failure","type":"CWE"}]}],"affected":[{"vendor":"AMD","product":"AMD EPYC™ Series 9004 Processors","versions":[{"status":"unaffected","version":"GenoaPI_1.0.0.E"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD EPYC™Series 4004 Processors","versions":[{"status":"unaffected","version":"ComboAM5PI_1.0.0.a/ ComboAM5PI_1.1.0.3c/ ComboAM5PI_1.2.0.3"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD EPYC™ 8004 Series Processors","versions":[{"status":"unaffected","version":"GenoaPI_1.0.0.E"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Instinct™ MI300A Series Processors","versions":[{"status":"unaffected","version":"MI300PI 1.0.0.7"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ Z1 Series Processors","versions":[{"status":"unaffected","version":"ComboAM5PI_1.2.0.3"},{"status":"unaffected","version":"ComboAM5PI_1.1.0.3c"},{"status":"unaffected","version":"ComboAM5PI_1.0.0.a"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics","versions":[{"status":"unaffected","version":"PhoenixPI-FP8-FP7_1.2.0.0"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics","versions":[{"status":"unaffected","version":"DragonRangeFL1_1.0.0.3g"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 9000 Series Desktop Processors","versions":[{"status":"unaffected","version":"ComboAM5PI_1.2.0.3"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 7000 Series Desktop Processors","versions":[{"status":"unaffected","version":"ComboAM5PI_1.0.0.a"},{"status":"unaffected","version":"ComboAM5PI_1.1.0.3c"},{"status":"unaffected","version":"ComboAM5PI_1.2.0.3"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 8000 Series Desktop Processors","versions":[{"status":"unaffected","version":"ComboAM5PI_1.1.0.3c"},{"status":"unaffected","version":"ComboAM5PI_1.2.0.3"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed \"Raphael\")","versions":[{"status":"unaffected","version":"ComboAM5PI_1.3.0.0"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")","versions":[{"status":"unaffected","version":"ComboAM5PI_1.3.0.0"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed \"Genoa\")","versions":[{"status":"unaffected","version":"EmbGenoaPI-SP5 1.0.0.D"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD EPYC™ Embedded 8004 Series Processors","versions":[{"status":"unaffected","version":"EmbGenoaPI-SP5 1.0.0.D"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")","versions":[{"status":"unaffected","version":"EmbGenoaPI-SP5 1.0.0.D"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ Embedded 8000 Series Processors","versions":[{"status":"unaffected","version":"EmbeddedPhoenixPI-FP7r2_1.0.0.3"}],"defaultStatus":"affected"},{"vendor":"AMD","product":"AMD Ryzen™ Embedded 7000 Series Processors","versions":[{"status":"unaffected","version":"EmbeddedAM5PI 1.0.0.5"}],"defaultStatus":"affected"}],"descriptions":[{"lang":"en","value":"Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality.","supportingMedia":[{"type":"text/html","base64":false,"value":"Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality. <br>"}]}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","version":"4.0","baseSeverity":"MEDIUM","baseScore":5.7,"vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"AMD PSIRT Automation 1.0"}}}}