CVE-2024-36331

Summary

Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9004 Series ProcessorsGenoaPI_1.0.0.Funaffected
AMDEPYC™ Embedded 9004 Series ProcessorsEmbGenoaPI-1.0.0.Aunaffected
AMDAMD EPYC™ Embedded 9004 Series ProcessorsEmbGenoaPI-1.0.0.Aunaffected

Weaknesses

  • CWE-665: CWE-665 Improper Initialization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References