CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS
Percentile
12.6%
Bulletin ID: AMD-SB-1026 **Potential Impact:**Data leakage **Severity:**Medium
AMD is providing an update for one recommended mitigation, mitigation G-5, in the “Software Techniques for Managing Speculation on AMD processors” white paper. Mitigation G-5 helps address potential vulnerabilities associated with speculative behavior of branch instructions.
AMD processors may transiently execute instructions following an unconditional direct branch that may result in detectable cache activity.
AMD is not aware of any active exploits in the wild that use this potential security vulnerability to exploit AMD products.
CVE-2021-26341
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
Desktop
Mobile
Chromebook
Server
AMD has provided guidance via an updated paper located here: <https://www.amd.com/system/files/documents/software-techniques-for-managing-speculation.pdf>
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS
Percentile
12.6%