BDU:2025-02410
Vulnerability from fstec - Published: 04.03.2025
Title
Vulnerability in the load_ucode_amd_bsp() function in the arch/x86/kernel/cpu/microcode/amd.c module of the Linux operating system kernel, allowing an attacker to affect the confidentiality, integrity and availability of protected information
Description
The vulnerability in the load_ucode_amd_bsp() function in the arch/x86/kernel/cpu/microcode/amd.c module of the Linux operating system kernel is caused by improper control of resource identifiers ("resource injection"). Exploitation of the vulnerability may allow an attacker to affect the confidentiality, integrity and availability of protected information
Vendor
Advanced Micro Devices Inc., Free software community
Software Name
AMD EPYC Embedded 7002, AMD Ryzen 7000 Series Processors Raphael, AMD Ryzen Embedded V2000, AMD Ryzen Embedded V3000, AMD EPYC Embedded 3000, AMD EPYC Embedded 7003, AMD Ryzen Embedded 5000, AMD Instinct MI300A, AMD Ryzen 5000 Series Desktop Processors Vermeer AM4, AMD Ryzen 5000 Series Desktop Processor with Radeon Graphics Cezanne, AMD Ryzen 3000 Series Desktop Processors Matisse AM4, AMD Athlon 3000 Series Desktop Processors with Radeon Graphics Picasso, AMD Ryzen 4000 Series Desktop processors with Radeon graphics, AMD Ryzen 8000 Series Processor with Radeon Graphics Phoenix, AMD Ryzen Threadripper 3000 Series Processors “Castle Peak” HEDT, AMD Ryzen Threadripper PRO 7000 WX-Series Processors, AMD Ryzen Threadripper PRO 3000WX Series Processors, AMD Ryzen Threadripper PRO 5000 WX-Series, AMD Athlon 3000 Series Mobile Processors with Radeon Graphics Dali, AMD Ryzen 3000 Series Mobile Processors with Radeon Graphics Picasso, AMD Ryzen 4000 Series Mobile Processors with Radeon Graphics Renoir FP6, AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Lucienne, AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Cezanne, AMD Ryzen 7020 Series Mobile Processors Mendocino, AMD Ryzen 6000 Series Mobile Processors Rembrandt, AMD Ryzen 7035 Series Processors with Radeon Graphics “Rembrandt-R”, AMD Ryzen 5000 Series Processors with Radeon Graphics Barcelo, AMD Ryzen 7000 Series Processors with Radeon Graphics, AMD Ryzen 7040 Series Mobile Processors with Radeon Graphics, AMD Ryzen 8040 Series Mobile Processors with Radeon Graphics Hawk Point, AMD Ryzen 7045 Series Mobile Processors, AMD EPYC Embedded 8004, AMD EPYC Embedded 9004, AMD EPYC Embedded 97X4, AMD Ryzen Embedded R1000, AMD Ryzen Embedded R2000, AMD Ryzen Embedded 7000, AMD Ryzen Embedded V1000, Linux
Software Version
up to EmbRomePI-SP3 1.0.0.D (AMD EPYC Embedded 7002), up to ComboAM5PI 1.0.0.a (AMD Ryzen 7000 Series Processors Raphael), up to EmbeddedPI-FP6 1.0.0.B (AMD Ryzen Embedded V2000), up to EmbeddedPI_FP7R2 1.0.0.C (AMD Ryzen Embedded V3000), up to SnowyOwlPI 1.1.0.E (AMD EPYC Embedded 3000), up to EmbMilanPI-SP3 1.0.0.A (AMD EPYC Embedded 7003), up to EmbAM4PI 1.0.0.7 (AMD Ryzen Embedded 5000), up to MI300PI_SR5 1.0.0.8 (AMD Instinct MI300A), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 5000 Series Desktop Processors Vermeer AM4), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 5000 Series Desktop Processor with Radeon Graphics Cezanne), up to ComboAM4PI 1.0.0.D (AMD Ryzen 3000 Series Desktop Processors Matisse AM4), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 3000 Series Desktop Processors Matisse AM4), up to ComboAM4v2PI 1.2.0.E (AMD Athlon 3000 Series Desktop Processors with Radeon Graphics Picasso), up to ComboAM4PI 1.0.0.D (AMD Athlon 3000 Series Desktop Processors with Radeon Graphics Picasso), up to ComboAM5PI 1.1.0.3c (AMD Ryzen 7000 Series Processors Raphael), up to ComboAM5PI 1.2.0.3 (AMD Ryzen 7000 Series Processors Raphael), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 4000 Series Desktop processors with Radeon graphics), up to ComboAM5PI 1.1.0.3c (AMD Ryzen 8000 Series Processor with Radeon Graphics Phoenix), up to ComboAM5PI 1.2.0.3 (AMD Ryzen 8000 Series Processor with Radeon Graphics Phoenix), up to CastlePeakPI-SP3r3 1.0.0.E (AMD Ryzen Threadripper 3000 Series Processors “Castle Peak” HEDT), up to StormPeakPI-SP6 1.0.0.1k (AMD Ryzen Threadripper PRO 7000 WX-Series Processors), up to StormPeakPI-SP6 1.1.0.0i (AMD Ryzen Threadripper PRO 7000 WX-Series Processors), up to ChagallWSPI-sWRX8 1.0.0.B (AMD Ryzen Threadripper PRO 3000WX Series Processors), up to CastlePeakWSPI-sWRX8 1.0.0.g (AMD Ryzen Threadripper PRO 3000WX Series Processors), up to ChagallWSPI-sWRX8 1.0.0.B (AMD Ryzen Threadripper PRO 5000 WX-Series), up to PicassoPI-FP5 1.0.1.2b (AMD Athlon 3000 Series Mobile Processors with Radeon Graphics Dali), up to PicassoPI-FP5 1.0.1.2b (AMD Ryzen 3000 Series Mobile Processors with Radeon Graphics Picasso), up to RenoirPI-FP6 1.0.0.Eb (AMD Ryzen 4000 Series Mobile Processors with Radeon Graphics Renoir FP6), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Lucienne), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Cezanne), up to MendocinoPI-FT6 1.0.0.7b (AMD Ryzen 7020 Series Mobile Processors Mendocino), up to RembrandtPI-FP7 1.0.0.Bb (AMD Ryzen 6000 Series Mobile Processors Rembrandt), up to RembrandtPI-FP7 1.0.0.Bb (AMD Ryzen 7035 Series Processors with Radeon Graphics “Rembrandt-R”), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 5000 Series Processors with Radeon Graphics Barcelo), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 7000 Series Processors with Radeon Graphics), up to PhoenixPI-FP8-FP7 1.2.0.0 (AMD Ryzen 7040 Series Mobile Processors with Radeon Graphics), up to PhoenixPI-FP8-FP7 1.2.0.0 (AMD Ryzen 8040 Series Mobile Processors with Radeon Graphics Hawk Point), up to DragonRangeFL1 1.0.0.3g (AMD Ryzen 7045 Series Mobile Processors), up to EmbGenoaPI-SP5 1.0.0.9 (AMD EPYC Embedded 8004), up to EmbGenoaPI-SP5 1.0.0.9 (AMD EPYC Embedded 9004), up to EmbGenoaPI-SP5 1.0.0.9 (AMD EPYC Embedded 97X4), up to EmbeddedPI-FP5 1.2.0.F (AMD Ryzen Embedded R1000), up to EmbeddedR2KPI 1.0.0.5 (AMD Ryzen Embedded R2000), up to EmbeddedAM5PI 1.0.0.3 (AMD Ryzen Embedded 7000), up to EmbeddedPI-FP5 1.2.0.F (AMD Ryzen Embedded V1000), from 2.6.28 up to 6.14 (Linux)
Possible Mitigations
In the absence of security updates from the vendor, it is recommended to follow the "Recommendations for the secure configuration of LINUX operating systems" set out in the FSTEC of Russia methodological document approved on 25 December 2022.
Using the recommendations:
For Linux:
https://git.kernel.org/linus/bb2281fb05e50108ce95c43ab7e701ee564565c8
For AMD:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html
Reference
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095470
https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099830#26
https://bugzilla.redhat.com/show_bug.cgi?id=2336412
https://git.kernel.org/linus/bb2281fb05e50108ce95c43ab7e701ee564565c8
https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w
https://vuldb.com/ru/?id.298729
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html
https://www.cve.org/CVERecord?id=CVE-2024-36347
https://www.openwall.com/lists/oss-security/2025/03/05/3
CWE
CWE-99, CWE-347
{
"CVSS 2.0": "AV:L/AC:H/Au:M/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_Identifier": null,
"remediation_Name": null,
"Software vendor": "Advanced Micro Devices Inc., Free software community",
"Software version": "up to EmbRomePI-SP3 1.0.0.D (AMD EPYC Embedded 7002), up to ComboAM5PI 1.0.0.a (AMD Ryzen 7000 Series Processors Raphael), up to EmbeddedPI-FP6 1.0.0.B (AMD Ryzen Embedded V2000), up to EmbeddedPI_FP7R2 1.0.0.C (AMD Ryzen Embedded V3000), up to SnowyOwlPI 1.1.0.E (AMD EPYC Embedded 3000), up to EmbMilanPI-SP3 1.0.0.A (AMD EPYC Embedded 7003), up to EmbAM4PI 1.0.0.7 (AMD Ryzen Embedded 5000), up to MI300PI_SR5 1.0.0.8 (AMD Instinct MI300A), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 5000 Series Desktop Processors Vermeer AM4), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 5000 Series Desktop Processor with Radeon Graphics Cezanne), up to ComboAM4PI 1.0.0.D (AMD Ryzen 3000 Series Desktop Processors Matisse AM4), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 3000 Series Desktop Processors Matisse AM4), up to ComboAM4v2PI 1.2.0.E (AMD Athlon 3000 Series Desktop Processors with Radeon Graphics Picasso), up to ComboAM4PI 1.0.0.D (AMD Athlon 3000 Series Desktop Processors with Radeon Graphics Picasso), up to ComboAM5PI 1.1.0.3c (AMD Ryzen 7000 Series Processors Raphael), up to ComboAM5PI 1.2.0.3 (AMD Ryzen 7000 Series Processors Raphael), up to ComboAM4v2PI 1.2.0.E (AMD Ryzen 4000 Series Desktop processors with Radeon graphics), up to ComboAM5PI 1.1.0.3c (AMD Ryzen 8000 Series Processor with Radeon Graphics Phoenix), up to ComboAM5PI 1.2.0.3 (AMD Ryzen 8000 Series Processor with Radeon Graphics Phoenix), up to CastlePeakPI-SP3r3 1.0.0.E (AMD Ryzen Threadripper 3000 Series Processors “Castle Peak” HEDT), up to StormPeakPI-SP6 1.0.0.1k (AMD Ryzen Threadripper PRO 7000 WX-Series Processors), up to StormPeakPI-SP6 1.1.0.0i (AMD Ryzen Threadripper PRO 7000 WX-Series Processors), up to ChagallWSPI-sWRX8 1.0.0.B (AMD Ryzen Threadripper PRO 3000WX Series Processors), up to CastlePeakWSPI-sWRX8 1.0.0.g (AMD Ryzen Threadripper PRO 3000WX Series Processors), up to ChagallWSPI-sWRX8 1.0.0.B (AMD Ryzen Threadripper PRO 5000 WX-Series), up to PicassoPI-FP5 1.0.1.2b (AMD Athlon 3000 Series Mobile Processors with Radeon Graphics Dali), up to PicassoPI-FP5 1.0.1.2b (AMD Ryzen 3000 Series Mobile Processors with Radeon Graphics Picasso), up to RenoirPI-FP6 1.0.0.Eb (AMD Ryzen 4000 Series Mobile Processors with Radeon Graphics Renoir FP6), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Lucienne), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Cezanne), up to MendocinoPI-FT6 1.0.0.7b (AMD Ryzen 7020 Series Mobile Processors Mendocino), up to RembrandtPI-FP7 1.0.0.Bb (AMD Ryzen 6000 Series Mobile Processors Rembrandt), up to RembrandtPI-FP7 1.0.0.Bb (AMD Ryzen 7035 Series Processors with Radeon Graphics “Rembrandt-R”), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 5000 Series Processors with Radeon Graphics Barcelo), up to CezannePI-FP6 1.0.1.1b (AMD Ryzen 7000 Series Processors with Radeon Graphics), up to PhoenixPI-FP8-FP7 1.2.0.0 (AMD Ryzen 7040 Series Mobile Processors with Radeon Graphics), up to PhoenixPI-FP8-FP7 1.2.0.0 (AMD Ryzen 8040 Series Mobile Processors with Radeon Graphics Hawk Point), up to DragonRangeFL1 1.0.0.3g (AMD Ryzen 7045 Series Mobile Processors), up to EmbGenoaPI-SP5 1.0.0.9 (AMD EPYC Embedded 8004), up to EmbGenoaPI-SP5 1.0.0.9 (AMD EPYC Embedded 9004), up to EmbGenoaPI-SP5 1.0.0.9 (AMD EPYC Embedded 97X4), up to EmbeddedPI-FP5 1.2.0.F (AMD Ryzen Embedded R1000), up to EmbeddedR2KPI 1.0.0.5 (AMD Ryzen Embedded R2000), up to EmbeddedAM5PI 1.0.0.3 (AMD Ryzen Embedded 7000), up to EmbeddedPI-FP5 1.2.0.F (AMD Ryzen Embedded V1000), from 2.6.28 up to 6.14 (Linux)",
"Possible remediation measures": "In the absence of security updates from the vendor, it is recommended to follow the \"Recommendations for the secure configuration of LINUX operating systems\" set out in the FSTEC of Russia methodological document approved on 25 December 2022.\n\n\n\nUsing the recommendations:\n\nFor Linux:\nhttps://git.kernel.org/linus/bb2281fb05e50108ce95c43ab7e701ee564565c8\n\nFor AMD:\nhttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html",
"Discovery date": "04.03.2025",
"Last update date": "09.02.2026",
"Publication date": "07.03.2025",
"Identifier": "BDU:2025-02410",
"Identifiers in other vulnerability description systems": "CVE-2024-36347, AMD-SB-7033",
"Remediation information": "Vulnerability fixed",
"Vulnerability class": "Code vulnerability",
"Software name": "AMD EPYC Embedded 7002, AMD Ryzen 7000 Series Processors Raphael, AMD Ryzen Embedded V2000, AMD Ryzen Embedded V3000, AMD EPYC Embedded 3000, AMD EPYC Embedded 7003, AMD Ryzen Embedded 5000, AMD Instinct MI300A, AMD Ryzen 5000 Series Desktop Processors Vermeer AM4, AMD Ryzen 5000 Series Desktop Processor with Radeon Graphics Cezanne, AMD Ryzen 3000 Series Desktop Processors Matisse AM4, AMD Athlon 3000 Series Desktop Processors with Radeon Graphics Picasso, AMD Ryzen 4000 Series Desktop processors with Radeon graphics, AMD Ryzen 8000 Series Processor with Radeon Graphics Phoenix, AMD Ryzen Threadripper 3000 Series Processors “Castle Peak” HEDT, AMD Ryzen Threadripper PRO 7000 WX-Series Processors, AMD Ryzen Threadripper PRO 3000WX Series Processors, AMD Ryzen Threadripper PRO 5000 WX-Series, AMD Athlon 3000 Series Mobile Processors with Radeon Graphics Dali, AMD Ryzen 3000 Series Mobile Processors with Radeon Graphics Picasso, AMD Ryzen 4000 Series Mobile Processors with Radeon Graphics Renoir FP6, AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Lucienne, AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics Cezanne, AMD Ryzen 7020 Series Mobile Processors Mendocino, AMD Ryzen 6000 Series Mobile Processors Rembrandt, AMD Ryzen 7035 Series Processors with Radeon Graphics “Rembrandt-R”, AMD Ryzen 5000 Series Processors with Radeon Graphics Barcelo, AMD Ryzen 7000 Series Processors with Radeon Graphics, AMD Ryzen 7040 Series Mobile Processors with Radeon Graphics, AMD Ryzen 8040 Series Mobile Processors with Radeon Graphics Hawk Point, AMD Ryzen 7045 Series Mobile Processors, AMD EPYC Embedded 8004, AMD EPYC Embedded 9004, AMD EPYC Embedded 97X4, AMD Ryzen Embedded R1000, AMD Ryzen Embedded R2000, AMD Ryzen Embedded 7000, AMD Ryzen Embedded V1000, Linux",
"OS name and hardware platform type": null,
"Vulnerability name": "Vulnerability in the load_ucode_amd_bsp() function in the arch/x86/kernel/cpu/microcode/amd.c module of the Linux operating system kernel, allowing an attacker to affect the confidentiality, integrity and availability of protected information",
"Exploit availability": "Data is being clarified",
"CWE error description": "Improper control of resource identifiers (Resource injection) (CWE-99), Improper verification of cryptographic signature (CWE-347)",
"Vulnerability description": "The vulnerability in the load_ucode_amd_bsp() function in the arch/x86/kernel/cpu/microcode/amd.c module of the Linux operating system kernel is caused by improper control of resource identifiers (\"resource injection\"). Exploitation of the vulnerability may allow an attacker to affect the confidentiality, integrity and availability of protected information",
"Consequences of exploitation": null,
"Other information": null,
"Relation to information security incidents": "Data is being clarified",
"Vulnerability state": "Published",
"Remediation method": "Software update",
"Exploitation method": "Spoofing during interaction, Resource manipulation",
"Source references": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095470\nhttps://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking\nhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099830#26\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2336412\nhttps://git.kernel.org/linus/bb2281fb05e50108ce95c43ab7e701ee564565c8\nhttps://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w\nhttps://vuldb.com/ru/?id.298729\nhttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html\nhttps://www.cve.org/CVERecord?id=CVE-2024-36347\nhttps://www.openwall.com/lists/oss-security/2025/03/05/3",
"Vulnerability status": "Confirmed by the vendor",
"Software type": "Firmware of computer hardware components, Firmware, Software of a hardware-software appliance, Operating system",
"CWE error type": "CWE-99, CWE-347",
"Vulnerability severity level": "Medium severity (CVSS 2.0 base score is 5.9)\nMedium severity (CVSS 3.1 base score is 6.4)\nNo severity (CVSS 4.0 score is 0)"
}