CVE-2020-12965

CVSS V2 Medium 5 CVSS V3 High 7.5
Description
When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.
Overview
  • CVE ID
  • CVE-2020-12965
  • Assigner
  • psirt@amd.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-02-04T23:15:10
  • Last Modified Date
  • 2022-02-10T06:43:03
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:amd:ryzen_pro_5650g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_5650g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_5650ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_5650ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_5750g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_5750g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_5750ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_5750ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_5350g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_5350g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_5350ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_5350ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_4750g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_4750g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_4750ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_4750ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_4650g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_4650g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_4650ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_4650ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_4350g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_4350g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_4350ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_4350ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3900_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3900:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3700_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3700:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3600_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3600:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3400g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3400g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3400ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3400ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3350g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3350g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3200g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3200g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_3200ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_3200ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_2400g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_2400g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_2400ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_2400ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_2200g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_2200g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_pro_2200ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_pro_2200ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_gold_pro_3150g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_gold_pro_3150ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_silver_pro_3125ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_silver_pro_3125ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_pro_300ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_pro_200ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_pro_200ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_3990x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_3970x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_3960x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_2990wx_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_2990wx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_2970wx_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_2970wx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_2950x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_2950x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_2920x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_2920x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_1950x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_1950x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_1920x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_1920x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_1920x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_1920x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_threadripper_1900x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_threadripper_1900x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5950x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5950x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5800x3d_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5800x3d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5900x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5900x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5800x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5800x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5600x_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5600x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5700g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5700g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5600g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5600g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5700g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5700g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5700ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5700ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5600g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5600g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5600ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5600ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5300g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5300g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_5300ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_4700g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_4700g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_4600g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_4600g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_4300g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_4300g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_4700ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_4700ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_4600ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_4600ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:ryzen_4300ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:ryzen_4300ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_3150ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_3150ge:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_3150g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_3150g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:amd:athlon_3050ge_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:amd:athlon_3050ge:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • NONE
  • Base Score
  • 7.5
  • Base Severity
  • HIGH
  • Exploitability Score
  • 3.9
  • Impact Score
  • 3.6
References
Reference URL Reference Tags
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010 Mitigation Vendor Advisory
History
Created Old Value New Value Data Type Notes
2022-05-10 06:33:20 Added to TrackCVE
2022-12-06 08:35:05 2022-02-04T23:15Z 2022-02-04T23:15:10 CVE Published Date updated
2022-12-06 08:35:05 2022-02-10T06:43:03 CVE Modified Date updated
2022-12-06 08:35:05 Analyzed Vulnerability Status updated