How severe is CVE-2021-46778?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.6 out of 10.

What type of vulnerability is CVE-2021-46778?

This is classified as CWE-203, which is a common weakness in software security.

CVE-2021-46778

MEDIUM Year: 2021

CVSS v3 Score

5.6

Medium

Weakness Type

CWE-203

View all →

Vulnerability Description

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.

CVE-2017-5715

MEDIUM

CVSS:5.6(Medium)

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel an...

CWE-2032017

CVE-2017-5753

MEDIUM

CVSS:5.6(Medium)

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

CWE-2032017

CVE-2018-3620

MEDIUM

CVSS:5.6(Medium)

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user acce...

CWE-2032018

CVE-2018-3640

MEDIUM

CVSS:5.6(Medium)

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local use...

CWE-2032018