CVE-2024-36331
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-06

Last updated on: 2025-11-03

Assigner: Advanced Micro Devices Inc.

Description
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-06
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-09-06
EPSS Evaluated
2026-06-14
NVD
CVE-2024-36331
Affected Vendors & Products
Showing 18 associated CPEs
Vendor Product Version / Range
amd ryzen_embedded 5000
amd epyc_embedded 7002
amd epyc_embedded 3000
amd epyc 4004
amd epyc 9004
amd ryzen_embedded v3000
amd epyc_embedded 7003
amd ryzen_embedded r1000
amd epyc 7002
amd epyc 7003
amd epyc_embedded 900
amd epyc 7001
amd ryzen_embedded 8000
amd ryzen_embedded r2000
amd ryzen_embedded 7000
linux linux 6.1.153
amd ryzen_embedded v2000
amd epyc 8004
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-665 The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves improper initialization of CPU cache memory, which could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory, leading to a loss of data integrity.

Impact Analysis

The vulnerability can impact you by allowing a privileged attacker with hypervisor access to overwrite guest memory protected by SEV-SNP, resulting in loss of data integrity. This means that sensitive or critical data could be altered without detection.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-36331. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart