BDU:2022-03602Medium
BDU
BDU
Data Bank of Information Security Threats
BDU ФСТЭК is the authoritative Russian source of vulnerability information, covering both international CVEs relevant to domestic software and unique Russian-disclosed issues. Entries contain severity, affected product lists (in Russian), and mitigation recommendations.
Region
RU
Updates
1 ч
License
Открытые данные
Russian federal catalog of vulnerabilities and threats maintained by FSTEC. Required for compliance with Russian information security regulations (Приказ №17, Приказ №21).
https://bdu.fstec.ru →Share link
Anyone with the link can open this vulnerability.
Уязвимость реализации технологии динамического масштабирования напряжения и частоты (Dynamic Voltage and Frequency Scaling (DVFS)) микропро…
CVSS
6.3
Medium
EPSS
0.00
p0
Published
2022-01-01
Updated
2022-01-01
Description
Уязвимость реализации технологии динамического масштабирования напряжения и частоты (Dynamic Voltage and Frequency Scaling (DVFS)) микропрограммного обеспечения процессоров AMD связана с неправильной защитой физических побочных каналов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации, используя побочный канал
Affected products
Advanced micro devices inc. 1st gen amd epycAdvanced micro devices inc. 2nd gen amd epycAdvanced micro devices inc. 2nd gen amd ryzen mobile processor with radeon graphicsAdvanced micro devices inc. 2nd gen amd ryzen threadripperAdvanced micro devices inc. 3rd gen amd ryzen threadripperAdvanced micro devices inc. 7th generation amd a-series apusAdvanced micro devices inc. Amd athlon mobile processor with radeon graphicsAdvanced micro devices inc. Amd athlon x4 processorAdvanced micro devices inc. Amd ryzen 2000 series desktopAdvanced micro devices inc. Amd ryzen 2000 series mobile processorAdvanced micro devices inc. Amd ryzen 3000 series desktopAdvanced micro devices inc. Amd ryzen 3000 series mobile processorAdvanced micro devices inc. Amd ryzen 3000 series mobile processor with radeon graphicsAdvanced micro devices inc. Amd ryzen 4000 series desktop processors with radeon graphicsAdvanced micro devices inc. Amd ryzen 4000 series mobile processors with radeon graphicsAdvanced micro devices inc. Amd ryzen 5000 series mobile processor with radeon graphicsAdvanced micro devices inc. Amd ryzen threadripper pro processors
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Timeline
2022-01-01
Published
2022-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: H
High (H)
Privileges Required
PR: L
Low (L)
User Interaction
UI: N
None (N)
Scope
S: C
Changed (C)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: N
None (N)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.000 · p0
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Advanced Micro Devices
2nd Gen Amd EpycAmd Ryzen 4000 Series Desktop Processors With Radeon GraphicsAmd Ryzen 5000 Series Mobile Processor With Radeon Graphics1st Gen Amd EpycAmd Ryzen 4000 Series Mobile Processors With Radeon GraphicsAmd Ryzen 3000 Series Mobile Processor With Radeon GraphicsAmd Ryzen 3000 Series DesktopAmd Ryzen Threadripper Pro Processors2nd Gen Amd Ryzen Mobile Processor With Radeon GraphicsAmd Athlon Mobile Processor With Radeon Graphics+7
| Product | Vendor | Status |
|---|---|---|
| 1st gen amd epyc | advanced micro devices inc. | Tracked |
| 2nd gen amd epyc | advanced micro devices inc. | Tracked |
| 2nd gen amd ryzen mobile processor with radeon graphics | advanced micro devices inc. | Tracked |
| 2nd gen amd ryzen threadripper | advanced micro devices inc. | Tracked |
| 3rd gen amd ryzen threadripper | advanced micro devices inc. | Tracked |
| 7th generation amd a-series apus | advanced micro devices inc. | Tracked |
| amd athlon mobile processor with radeon graphics | advanced micro devices inc. | Tracked |
| amd athlon x4 processor | advanced micro devices inc. | Tracked |
| amd ryzen 2000 series desktop | advanced micro devices inc. | Tracked |
| amd ryzen 2000 series mobile processor | advanced micro devices inc. | Tracked |
| amd ryzen 3000 series desktop | advanced micro devices inc. | Tracked |
| amd ryzen 3000 series mobile processor | advanced micro devices inc. | Tracked |
| amd ryzen 3000 series mobile processor with radeon graphics | advanced micro devices inc. | Tracked |
| amd ryzen 4000 series desktop processors with radeon graphics | advanced micro devices inc. | Tracked |
| amd ryzen 4000 series mobile processors with radeon graphics | advanced micro devices inc. | Tracked |
| amd ryzen 5000 series mobile processor with radeon graphics | advanced micro devices inc. | Tracked |
| amd ryzen threadripper pro processors | advanced micro devices inc. | Tracked |
Source databases
BDU
BDU
Data Bank of Information Security Threats
BDU ФСТЭК is the authoritative Russian source of vulnerability information, covering both international CVEs relevant to domestic software and unique Russian-disclosed issues. Entries contain severity, affected product lists (in Russian), and mitigation recommendations.
Region
RU
Updates
1 ч
License
Открытые данные
Russian federal catalog of vulnerabilities and threats maintained by FSTEC. Required for compliance with Russian information security regulations (Приказ №17, Приказ №21).
https://bdu.fstec.ru →Related vulnerabilities