Improper LFENCE Serialization in AMD Processors
CVE-2024-36315

5.7MEDIUM

Key Information:

Vendor: Amd
Status: Amd Epyc™ Series 9004 Processors; Amd Epyc™series 4004 Processors; Amd Epyc™ 8004 Series Processors; Amd Instinct™ Mi300a Series Processors
Vendor: CVE Published:; 13 May 2026

What is CVE-2024-36315?

An improper enforcement of the LFENCE serialization property in AMD processors can expose systems to potential information disclosure risks. This vulnerability may enable attackers to bypass established speculation barriers, allowing them to access sensitive information and compromise system confidentiality. Users are urged to apply the latest patches and monitor security bulletins for updates on this issue.

Affected Version(s)

AMD EPYC™ 8004 Series Processors GenoaPI_1.0.0.E

AMD EPYC™ Embedded 8004 Series Processors EmbGenoaPI-SP5 1.0.0.D

AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") EmbGenoaPI-SP5 1.0.0.D

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
May 23, 2024

CVE-2024-36315 Data

JSON

Amd

What is CVE-2024-36315?

Affected Version(s)

References

CVSS V4

Timeline