CVE-2022-27672
MEDIUMAMD Athlon X4 and Ryzen Threadripper Firmware - Information Disclosure via Speculative Execution
Title source: llmDescription
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
References (3)
Core 3
Core References
Mitigation, Vendor Advisory vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1045
Various Sources
http://xenbits.xen.org/xsa/advisory-426.html
Third Party Advisory
https://security.gentoo.org/glsa/202402-07
Scores
CVSS v3
4.7
EPSS
0.0023
EPSS Percentile
45.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (50)
AMD/1st Gen AMD EPYC™ Processors
Contact your OS vendor
AMD/2nd Gen AMD EPYC™ Processors
Contact your OS vendor
AMD/2nd Gen AMD Ryzen™ Threadripper™ Processors
Contact your OS vendor
AMD/3rd Gen AMD Ryzen™ Threadripper™ Processors
Contact your OS vendor
AMD/7th Generation AMD A-Series APUs
Contact your OS vendor
amd/a10-9600p_firmware
amd/a10-9630p_firmware
amd/a12-9700p_firmware
amd/a12-9730p_firmware
amd/a4-9120_firmware
... and 40 more
Published
Mar 01, 2023
Tracked Since
Feb 18, 2026