Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-12965

When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.

Published

2022-02-04T23:15:10.293

Last Modified

2024-11-21T05:00:35.830

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-74

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	amd	ryzen_pro_5650g_firmware	-	Yes
Hardware	amd	ryzen_pro_5650g	-	No
Operating System	amd	ryzen_pro_5650ge_firmware	-	Yes
Hardware	amd	ryzen_pro_5650ge	-	No
Operating System	amd	ryzen_pro_5750g_firmware	-	Yes
Hardware	amd	ryzen_pro_5750g	-	No
Operating System	amd	ryzen_pro_5750ge_firmware	-	Yes
Hardware	amd	ryzen_pro_5750ge	-	No
Operating System	amd	ryzen_pro_5350g_firmware	-	Yes
Hardware	amd	ryzen_pro_5350g	-	No
Operating System	amd	ryzen_pro_5350ge_firmware	-	Yes
Hardware	amd	ryzen_pro_5350ge	-	No
Operating System	amd	ryzen_pro_4750g_firmware	-	Yes
Hardware	amd	ryzen_pro_4750g	-	No
Operating System	amd	ryzen_pro_4750ge_firmware	-	Yes
Hardware	amd	ryzen_pro_4750ge	-	No
Operating System	amd	ryzen_pro_4650g_firmware	-	Yes
Hardware	amd	ryzen_pro_4650g	-	No
Operating System	amd	ryzen_pro_4650ge_firmware	-	Yes
Hardware	amd	ryzen_pro_4650ge	-	No
Operating System	amd	ryzen_pro_4350g_firmware	-	Yes
Hardware	amd	ryzen_pro_4350g	-	No
Operating System	amd	ryzen_pro_4350ge_firmware	-	Yes
Hardware	amd	ryzen_pro_4350ge	-	No
Operating System	amd	ryzen_pro_3900_firmware	-	Yes
Hardware	amd	ryzen_pro_3900	-	No
Operating System	amd	ryzen_pro_3700_firmware	-	Yes
Hardware	amd	ryzen_pro_3700	-	No
Operating System	amd	ryzen_pro_3600_firmware	-	Yes
Hardware	amd	ryzen_pro_3600	-	No
Operating System	amd	ryzen_pro_3400g_firmware	-	Yes
Hardware	amd	ryzen_pro_3400g	-	No
Operating System	amd	ryzen_pro_3400ge_firmware	-	Yes
Hardware	amd	ryzen_pro_3400ge	-	No
Operating System	amd	ryzen_pro_3350g_firmware	-	Yes
Hardware	amd	ryzen_pro_3350g	-	No
Operating System	amd	ryzen_pro_3200g_firmware	-	Yes
Hardware	amd	ryzen_pro_3200g	-	No
Operating System	amd	ryzen_pro_3200ge_firmware	-	Yes
Hardware	amd	ryzen_pro_3200ge	-	No
Operating System	amd	ryzen_pro_2400g_firmware	-	Yes
Hardware	amd	ryzen_pro_2400g	-	No
Operating System	amd	ryzen_pro_2400ge_firmware	-	Yes
Hardware	amd	ryzen_pro_2400ge	-	No
Operating System	amd	ryzen_pro_2200g_firmware	-	Yes
Hardware	amd	ryzen_pro_2200g	-	No
Operating System	amd	ryzen_pro_2200ge_firmware	-	Yes
Hardware	amd	ryzen_pro_2200ge	-	No
Operating System	amd	ryzen_threadripper_pro_3995wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_3995wx	-	No
Operating System	amd	ryzen_threadripper_pro_3975wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_3975wx	-	No
Operating System	amd	ryzen_threadripper_pro_3955wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_3955wx	-	No
Operating System	amd	ryzen_threadripper_pro_3945wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_3945wx	-	No
Operating System	amd	athlon_gold_pro_3150g_firmware	-	Yes
Hardware	amd	athlon_gold_pro_3150g	-	No
Operating System	amd	athlon_gold_pro_3150ge_firmware	-	Yes
Hardware	amd	athlon_gold_pro_3150ge	-	No
Operating System	amd	athlon_silver_pro_3125ge_firmware	-	Yes
Hardware	amd	athlon_silver_pro_3125ge	-	No
Operating System	amd	athlon_pro_300ge_firmware	-	Yes
Hardware	amd	athlon_pro_300ge	-	No
Operating System	amd	athlon_pro_200ge_firmware	-	Yes
Hardware	amd	athlon_pro_200ge	-	No
Operating System	amd	ryzen_threadripper_3990x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_3990x	-	No
Operating System	amd	ryzen_threadripper_3970x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_3970x	-	No
Operating System	amd	ryzen_threadripper_3960x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_3960x	-	No
Operating System	amd	ryzen_threadripper_2990wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2990wx	-	No
Operating System	amd	ryzen_threadripper_2970wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2970wx	-	No
Operating System	amd	ryzen_threadripper_2950x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2950x	-	No
Operating System	amd	ryzen_threadripper_2920x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2920x	-	No
Operating System	amd	ryzen_threadripper_1950x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_1950x	-	No
Operating System	amd	ryzen_threadripper_1920x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_1920x	-	No
Operating System	amd	ryzen_threadripper_1920x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_1920x	-	No
Operating System	amd	ryzen_threadripper_1900x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_1900x	-	No
Operating System	amd	ryzen_5950x_firmware	-	Yes
Hardware	amd	ryzen_5950x	-	No
Operating System	amd	ryzen_5800x3d_firmware	-	Yes
Hardware	amd	ryzen_5800x3d	-	No
Operating System	amd	ryzen_5900x_firmware	-	Yes
Hardware	amd	ryzen_5900x	-	No
Operating System	amd	ryzen_5800x_firmware	-	Yes
Hardware	amd	ryzen_5800x	-	No
Operating System	amd	ryzen_5600x_firmware	-	Yes
Hardware	amd	ryzen_5600x	-	No
Operating System	amd	ryzen_5700g_firmware	-	Yes
Hardware	amd	ryzen_5700g	-	No
Operating System	amd	ryzen_5600g_firmware	-	Yes
Hardware	amd	ryzen_5600g	-	No
Operating System	amd	ryzen_5700g_firmware	-	Yes
Hardware	amd	ryzen_5700g	-	No
Operating System	amd	ryzen_5700ge_firmware	-	Yes
Hardware	amd	ryzen_5700ge	-	No
Operating System	amd	ryzen_5600g_firmware	-	Yes
Hardware	amd	ryzen_5600g	-	No
Operating System	amd	ryzen_5600ge_firmware	-	Yes
Hardware	amd	ryzen_5600ge	-	No
Operating System	amd	ryzen_5300g_firmware	-	Yes
Hardware	amd	ryzen_5300g	-	No
Operating System	amd	ryzen_5300ge_firmware	-	Yes
Hardware	amd	ryzen_5300ge	-	No
Operating System	amd	ryzen_4700g_firmware	-	Yes
Hardware	amd	ryzen_4700g	-	No
Operating System	amd	ryzen_4600g_firmware	-	Yes
Hardware	amd	ryzen_4600g	-	No
Operating System	amd	ryzen_4300g_firmware	-	Yes
Hardware	amd	ryzen_4300g	-	No
Operating System	amd	ryzen_4700ge_firmware	-	Yes
Hardware	amd	ryzen_4700ge	-	No
Operating System	amd	ryzen_4600ge_firmware	-	Yes
Hardware	amd	ryzen_4600ge	-	No
Operating System	amd	ryzen_4300ge_firmware	-	Yes
Hardware	amd	ryzen_4300ge	-	No
Operating System	amd	athlon_3150ge_firmware	-	Yes
Hardware	amd	athlon_3150ge	-	No
Operating System	amd	athlon_3150g_firmware	-	Yes
Hardware	amd	athlon_3150g	-	No
Operating System	amd	athlon_3050ge_firmware	-	Yes
Hardware	amd	athlon_3050ge	-	No

References

http://www.openwall.com/lists/oss-security/2023/12/05/3 ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010 Mitigation, Vendor Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2023/12/05/3 (af854a3a-2127-422b-91ae-364da2661108)
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010 Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)