CVE-2021-46778
MEDIUMAMD Zen 1/2/3 CPU Firmware - Information Disclosure via Scheduler Queue Contention
Title source: llmDescription
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1039
Scores
CVSS v3
5.6
EPSS
0.0012
EPSS Percentile
30.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Details
CWE
CWE-203
Status
published
Products (50)
amd/athlon_3050ge_firmware
amd/athlon_3150g_firmware
amd/athlon_3150ge_firmware
amd/epyc_7001_firmware
amd/epyc_7002_firmware
amd/epyc_7003_firmware
amd/epyc_7232p_firmware
amd/epyc_7251_firmware
amd/epyc_7252_firmware
amd/epyc_7261_firmware
... and 40 more
Published
Aug 10, 2022
Tracked Since
Feb 18, 2026