AMD Transient Scheduler Attacks

AMD ID: AMD-SB-7029
Potential Impact: Loss of Confidentiality
Severity: Medium

Summary

AMD discovered several transient scheduler attacks related to the execution timing of instructions under specific microarchitectural conditions while investigating a Microsoft® report titled “Enter, Exit, Page Fault, Leak: Testing Isolation Boundaries for Microarchitectural Leaks”.

AMD has debugged these patterns and identified a speculative side channel affecting AMD CPUs . In some cases, an attacker may be able to use this timing information to infer data from other contexts, resulting in information leakage.

Please refer to Technical Guidance for Mitigating Transient Scheduler Attacks.pdf  for additional information on these attacks.

CVE Details

Refer to Glossary for explanation of terms

CVE CVSS Severity CVE Description
CVE-2024-36350 5.6 (Medium) AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
CVE-2024-36357 5.6 (Medium) AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
CVE-2024-36348 3.8 (Low) AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP[3] feature is enabled, potentially resulting in information leakage.
CVE-2024-36349 3.8 (Low) AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

 Affected Products and Mitigation

AMD released to the Original Equipment Manufacturers (OEM) the Platform Initialization (PI) firmware versions on the target dates listed below. Please contact your OEM for the BIOS update specific to your product(s).

For mitigations requiring Operating System (OS) updates, AMD recommends consulting with your Operating System vendor’s documentation for information on how to enable the OS portion of the mitigation.

Data Center

AMD recommends updating to the Platform Initialization (PI) firmware versions indicated below.

1st Gen AMD EPYC™ Processors formerly codenamed "Naples"

Code Name CPUID Mitigation
Naples 0x00800F12
CVEs Platform Initialization (PI)
(Requires FW flash)
CVE-2024-36350 5.6 (Medium) Not affected
CVE-2024-36357 5.6 (Medium) Not affected
CVE-2024-36348 3.8 (Low) Not affected
CVE-2024-36349 3.8 (Low) No fix planned1
  1.  Leakage of TSC_AUX does not result in leakage of sensitive information

2nd Gen AMD EPYC™ Processors formerly codenamed "Rome"

Code Name CPUID Mitigation
Rome 0x00830F10h
CVEs Platform Initialization (PI)
(Requires FW flash)
CVE-2024-36350 5.6 (Medium) Not affected
CVE-2024-36357 5.6 (Medium) Not affected
CVE-2024-36348 3.8 (Low) No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

3rd Gen AMD EPYC™ Processors formerly codenamed “Milan" and “Milan-X”

Please Note: OS updates will also be required to mitigate these two vulnerabilities. Please refer to your OSV for additional information.

Code Name CPUID Mitigation  
Milan 0x00A00F11 Platform Initialization (PI)
(Requires FW flash)
Milan-X 0x00A00F12
Minimum firmware versions to mitigate listed CVEs below MilanPI 1.0.0.G + OS Updates (2025-01-29)
CVE-2024-36350 5.6 (Medium) MilanPI 1.0.0.G + OS Updates (2025-01-29)
CVE-2024-36357 5.6 (Medium) MilanPI 1.0.0.G + OS Updates (2025-01-29)
CVE-2024-36348 3.8 (Low) No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

4th Gen AMD EPYC™ Processors formerly codenamed "Genoa", “Genoa-X”, “Bergamo”, and “Siena”

Please Note: OS updates will also be required to mitigate these two vulnerabilities. Please refer to your OSV for additional information.

Code Name CPUID Mitigation  
Genoa 0x00A10F11 Platform Initialization (PI)
(Requires FW flash)
 
Genoa-X 0x00A10F12
Bergamo/Siena 0x00AA0F02
Minimum firmware versions to mitigate all listed CVEs   GenoaPI 1.0.0.E + OS (2024-12-16)
CVE-2024-36350 5.6 (Medium) GenoaPI 1.0.0.E + OS Updates (2024-12-16)
CVE-2024-36357 5.6 (Medium) GenoaPI 1.0.0.E + OS Updates (2024-12-16)
CVE-2024-36348 3.8 (Low) No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

4th Gen AMD EPYC™ Processors formerly codenamed "Raphael"

Code Name CPUID Mitigation
Raphael 0x00A60F12
CVEs Platform Initialization (PI)
(Requires FW flash)
CVE-2024-36350 5.6 (Medium) Not affected
CVE-2024-36357 5.6 (Medium) Not affected
CVE-2024-36348 3.8 (Low) No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

Data Center Graphics

AMD recommends updating to the Platform Initialization (PI) firmware versions indicated below

Please Note: OS updates will be also required to mitigate these two vulnerabilities. Please refer to your OSV for additional information.

 CVE AMD Instinct™ MI300A
CVE-2024-36350 5.6 (Medium) MI300PI 1.0.0.7 (2024-12-02)
CVE-2024-36357 5.6 (Medium) MI300PI 1.0.0.7 (2024-12-02)
CVE-2024-36348 3.8 (Low) No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

Client Processors

AMD recommends updating to the Platform Initialization (PI) firmware versions indicated below

Please Note: OS updates will be also required to mitigate these two vulnerabilities. Please refer to your OSV for additional information.

Desktop

CVE AMD Ryzen™ 5000 Series Desktop Processors (Formerly codenamed) “Vermeer” AM4 AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics (Formerly codenamed) “Cezanne” AM4
CVE-2024-36350 5.6 (Medium) ComboAM4v2PI 1.2.0.E + OS Updates (2025-01-22) ComboAM4v2PI 1.2.0.E + OS Updates (2025-01-22)
CVE-2024-36357 5.6 (Medium) ComboAM4v2PI 1.2.0.E + OS Updates (2025-01-22) ComboAM4v2PI 1.2.0.E + OS Updates (2025-01-22)
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
CVE AMD Ryzen™ 3000 Series Desktop Processors (Formerly codenamed) “Matisse” AM4 AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (Formerly codenamed) “Picasso” AM4
CVE-2024-36350 5.6 (Medium) Not affected Not affected
CVE-2024-36357 5.6 (Medium) Not affected Not affected
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
CVE AMD Ryzen™ 7000 Series Desktop Processors (Formerly codenamed) “Raphael” X3D AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics (Formerly codenamed) “Renoir” AM4 AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics (Formerly codenamed) “Phoenix” AM5
CVE-2024-36350 5.6 (Medium) ComboAM5PI 1.2.0.3 + OS Updates (2025-01-08)   ComboAM5PI 1.0.0.a+ OS Updates (2025-01-14)   ComboAM5PI 1.1.0.3c+ OS Updates (2025-01-27) Not affected ComboAM5PI 1.2.0.3 + OS Updates (2025-01-08)   ComboAM5PI 1.1.0.3c+ OS Updates (2025-01-27)
CVE-2024-36357 5.6 (Medium) ComboAM5PI 1.2.0.3 + OS Updates (2025-01-08)   ComboAM5PI 1.0.0.a+ OS Updates (2025-01-14)   ComboAM5PI 1.1.0.3c+ OS Updates (2025-01-27) Not affected ComboAM5PI 1.2.0.3 + OS Updates (2025-01-08)   ComboAM5PI 1.1.0.3c+ OS Updates (2025-01-27)
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

High End Desktop (HEDT)

CVE AMD Ryzen™ Threadripper™ 3000 Series Processors (Formerly codenamed) “Castle Peak” HEDT AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (Formerly codenamed) “Storm Peak”
CVE-2024-36350 5.6 (Medium) Not affected StormPeakPI-SP6 1.1.0.0i + OS Updates (2024-12-16)
StormPeakPI-SP6 1.0.0.1k + OS Updates (2024-12-19)
CVE-2024-36357 5.6 (Medium) Not affected StormPeakPI-SP6 1.1.0.0i + OS Updates (2024-12-16)
StormPeakPI-SP6 1.0.0.1k + OS Updates (2024-12-19)
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

Workstation

CVE AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors (Formerly codenamed)
“Castle Peak” WS SP3
AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors (Formerly codenamed)
“Chagall” WS
CVE-2024-36350 5.6 (Medium) Not affected Not affected
CVE-2024-36357 5.6 (Medium) Not affected Not affected
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

Mobile - AMD Athlon™ Series Processors

CVE AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (Formerly codenamed) “Dali”/”Dali” FP5 AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (Formerly codenamed) “Pollock”
CVE-2024-36350 5.6 (Medium) Not affected Not affected
CVE-2024-36357 5.6 (Medium) Not affected Not affected
CVE-2024-36348 3.8 (Low) Not affected Not affected
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

Mobile - AMD Ryzen™ Series

CVE AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics (Formerly codenamed) “Picasso” FP5 AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (Formerly codenamed) “Renoir” FP6
CVE-2024-36350 5.6 (Medium) Not affected Not affected
CVE-2024-36357 5.6 (Medium) Not affected Not affected
CVE-2024-36348 3.8 (Low) Not affected No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
CVE AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics (Formerly codenamed) "Rembrandt" FP7 AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics (Formerly codenamed) “Rembrandt R” AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics (Formerly codenamed) “Barcelo” FP6 AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics (Formerly codenamed) “Barcelo R” FP6
CVE-2024-36350 5.6 (Medium) RembrandtPI-FP7 1.0.0.Bb + OS Updates (2024-12-26) RembrandtPI-FP7 1.0.0.Bb + OS Updates (2024-12-26) CezannePI-FP6 1.0.1.1b + OS Updates (2024-12-27) CezannePI-FP6 1.0.1.1b + OS Updates (2024-12-27)
CVE-2024-36357 5.6 (Medium) RembrandtPI-FP7 1.0.0.Bb + OS Updates (2024-12-26) RembrandtPI-FP7 1.0.0.Bb + OS Updates (2024-12-26) CezannePI-FP6 1.0.1.1b + OS Updates (2024-12-27) CezannePI-FP6 1.0.1.1b + OS Updates (2024-12-27)
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2 No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
CVE AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics (Formerly codenamed) “Phoenix” FP7/FP7r2/FP8 AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (Formerly codenamed)
“Hawk Point”
FP7/FP7r2/FP8
AMD Ryzen™ 7000 Series Mobile Processors (Formerly codenamed) “Dragon Range” FL1
CVE-2024-36350 5.6 (Medium) PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates (2024-12-16) PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates (2024-12-16) DragonRangeFL1 1.0.0.3g + OS Updates (2024-12-18)
CVE-2024-36357 5.6 (Medium) PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates (2024-12-16) PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates (2024-12-16) DragonRangeFL1 1.0.0.3g + OS Updates (2024-12-18)
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2 Not affected
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information

Embedded Processors

AMD recommends updating to the Platform Initialization (PI) firmware versions indicated below.

Please Note: OS updates will be also required to mitigate these two vulnerabilities. Please refer to your OSV.

CVE AMD EPYC™ Embedded 3000 AMD EPYC™ Embedded 7002 AMD EPYC™ Embedded 7003
CVE-2024-36350 5.6 (Medium) Not affected Not affected EmbMilanPI-SP3 1.0.0.A (2024-12-19)
CVE-2024-36357 5.6 (Medium) Not affected Not affected EmbMilanPI-SP3 1.0.0.A (2024-12-19)
CVE-2024-36348 3.8 (Low) Not affected No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
CVE AMD EPYC™ Embedded 8004 AMD EPYC™ Embedded 9004 AMD EPYC™ Embedded 97X4
CVE-2024-36350 5.6 (Medium) EmbeddedPhoenixPI-FP7r2_1.2.0.0 (2024-12-31) EmbGenoaPI-SP5 1.0.0.9 (2024-12-23) EmbGenoaPI-SP5 1.0.0.9 (2024-12-23)
CVE-2024-36357 5.6 (Medium) EmbGenoaPI-SP5 1.0.0.9 (2024-12-23) EmbGenoaPI-SP5 1.0.0.9 (2024-12-23) EmbGenoaPI-SP5 1.0.0.9 (2024-12-23)
CVE-2024-36348 3.8 (Low) No fix planned2 No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
CVE AMD Ryzen™ Embedded R1000 AMD Ryzen™ Embedded R2000 AMD Ryzen™ Embedded 5000 AMD Ryzen™ Embedded 7000
CVE-2024-36350 5.6 (Medium) Not affected Not affected EmbAM4PI 1.0.0.7 (2025-01-31) EmbeddedAM5PI 1.0.0.3 (2025-01-31)
CVE-2024-36357 5.6 (Medium) Not affected Not affected EmbAM4PI 1.0.0.7 (2025-01-31) EmbeddedAM5PI 1.0.0.3 (2025-01-31)
CVE-2024-36348 3.8 (Low) Not affected Not affected No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive information
  CVE AMD Ryzen™ Embedded V1000 AMD Ryzen™ Embedded V2000 AMD Ryzen™ Embedded V3000    
All V1000 OPNs excluding YE1500C4T4MFH YE1500C4T4MFH    
CVE-2024-36350 5.6 (Medium) Not affected Not affected Not affected Embedded-PI_FP7r2 100C (2024-12-31)
CVE-2024-36357 5.6 (Medium) Not affected Not affected Not affected Embedded-PI_FP7r2 100C (2024-12-31)
CVE-2024-36348 3.8 (Low) Not affected Not affected No fix planned2 No fix planned2
CVE-2024-36349 3.8 (Low) No fix planned1 No fix planned1 No fix planned1 No fix planned1
  1. Leakage of TSC_AUX does not result in leakage of sensitive information
  2. Leakage of CPU Configuration does not result in leakage of sensitive infom there.

Acknowledgement 

AMD thanks Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos from Microsoft, and Flavien Solt from ETH Zurich for reporting these issues and engaging in coordinated vulnerability disclosure.

Revisions 

Revision Date Description
2025-07-08 Initial publication

DISCLAIMER

The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken in the preparation of this document, it may contain technical inaccuracies, omissions and typographical errors, and AMD is under no obligation to update or otherwise correct this information. Advanced Micro Devices, Inc. makes no representations or warranties with respect to the accuracy or completeness of the contents of this document, and assumes no liability of any kind, including the implied warranties of noninfringement, merchantability or fitness for particular purposes, with respect to the operation or use of AMD hardware, software or other products described herein. Any computer system has risks of security vulnerabilities that cannot be completely prevented or mitigated. No license, including implied or arising by estoppel, to any intellectual property rights is granted by this document. Terms and limitations applicable to the purchase or use of AMD’s products are as set forth in a signed agreement between the parties or in AMD's Standard Terms and Conditions of Sale.

AMD, the AMD Arrow logo, EPYC, Radeon, Ryzen, Threadripper and combinations thereof are trademarks of Advanced Micro Devices, Inc. CVE and the CVE logo are registered trademarks of The MITRE Corporation. Microsoft is a registered trademark of Microsoft Corporation in the US and/or other countries. Other product names used in this publication are for identification purposes only and may be trademarks of their respective companies. Third party content may be licensed to you directly by the third party that owns the content and is not licensed to you by AMD. ALL LINKED THIRD-PARTY CONTENT IS PROVIDED ‘AS IS’ WITHOUT A WARRANTY OF ANY KIND. USE OF SUCH THIRD-PARTY CONTENT IS DONE AT YOUR SOLE DISCRETION AND UNDER NO CIRCUMSTANCES WILL AMD BE LIABLE TO YOU FOR ANY THIRD-PARTY CONTENT. YOU ASSUME ALL RISK AND ARE SOLELY RESPONSIBILITY FOR ANY DAMAGES THAT MAY ARISE FROM YOUR USE OF THIRD-PARTY CONTENT.

© 2025 Advanced Micro Devices, Inc. All rights reserved.