CVE-2021-46778

Name of the Vulnerable Software and Affected Versions AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT)

Description The issue is related to execution unit scheduler contention, which may lead to a side channel vulnerability. By measuring the contention level on scheduler queues, an attacker may potentially leak sensitive information. This vulnerability, known as SQUIP, affects AMD processors and allows an attacker to determine data used in other processes or virtual machines or establish a hidden communication channel between them, bypassing system access control mechanisms.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.