CVE-2024-21977

LOW

CPU Microcode Patch - Info Disclosure

Title source: llm

Description

Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.

References (3)

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3014.html

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html

Scores

CVSS v3 3.2

EPSS 0.0001

EPSS Percentile 3.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-459

Status published

Products (20)

AMD/AMD EPYC™ 7003 Series Processors MilanPI 1.0.0.D

AMD/AMD EPYC™ 8004 Series Processors GenoaPI 1.0.0.C

AMD/AMD EPYC™ 9004 Series Processors GenoaPI 1.0.0.C

AMD/AMD EPYC™ Embedded 7003 Series Processors EmbMilanPI-SP3 1.0.0.9

AMD/AMD EPYC™ Embedded 9004 Series Processors EmbGenoaPI-SP5 1.0.0.9

AMD/AMD Ryzen™ 5000 Series Desktop Processors ComboAM4v2 1.2.0.Cb

AMD/AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1

AMD/AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics RembrandtPI-FP7/FP7r2_1.0.0.B

AMD/AMD Ryzen™ 7000 Series Desktop Processors ComboAM5 1.2.0.1

AMD/AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1

... and 10 more

Published Sep 05, 2025

Tracked Since Feb 18, 2026