CVE-2024-36347

CVSS v3.1

6.4

Medium

Vector

AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Debian Linux (affected versions not specified) amd64-microcode (affected versions not specified) linux (affected versions not specified)

Description The issue concerns a microcode signature verification vulnerability in AMD CPU. It affects packages including amd64-microcode and linux in Debian Linux.

Recommendations For Debian Linux, update the system to ensure the latest security patches are applied. For amd64-microcode, consider updating to the latest version available. For linux, apply the latest security updates to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Verification of Cryptographic Signature

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-99CWE-347

Related Identifiers

BDU:2025-02410

CVE-2024-36347

MGASA-2025-0258

USN-8177-1

USN-8177-2

USN-8179-1

USN-8179-2

USN-8179-3

USN-8179-4

USN-8183-1

USN-8183-2

USN-8184-1

USN-8185-1

USN-8185-2

USN-8203-1

USN-8204-1

USN-8245-1

USN-8257-1

USN-8258-1

USN-8260-1

USN-8261-1

USN-8265-1

Affected Products

Debian

Linuxmint

Ubuntu

Amd64-Microcode

Linux

CVE-2024-36347

Weakness Enumeration

Related Identifiers

Affected Products

References · 717