Linux Kernel AMD Erratum Table Off-by-One Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of AMD microcode erratum tables can lead to out-of-bounds reads. This issue arises because the NULL terminator at the end of the 'erratum_1386_microcode' array was removed during a transition in how CPU descriptions are managed. As a result, readers may inadvertently access memory beyond the intended array boundary.

Impact

Exploitation of this vulnerability could cause out-of-bounds memory access, which may lead to undefined behavior, including potential memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel AMD Erratum Table Off-by-One Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating