Critical Linux Kernel Vulnerabilities Affecting AMD Zen Processors

Critical Linux Kernel Vulnerabilities Affecting AMD Zen Processors

First seen 16 Apr 2026, 15:16 UTC Ubuntulaunchpad.netLinuxsecurity 94% similarity 70.5

Article Content

Browse articles
ThreatCluster

Multiple vulnerabilities were discovered in the Linux kernel, primarily affecting AMD Zen processors. The most notable flaw, known as EntrySign (CVE-2024-36347), allows privileged attackers to bypass CPU microcode signature verification, potentially leading to integrity and confidentiality breaches. This vulnerability impacts various subsystems across MIPS, PowerPC, and x86 architectures, among others. The updates released address several security issues, but the risk remains significant due to the potential for exploitation. The vulnerabilities were reported by researchers Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo. Users are advised to apply the latest patches to mitigate these risks. The vulnerabilities were published on June 27, 2025, and have been a focus of recent security advisories. The situation is ongoing as new updates are released to address these flaws.

Key Points: • EntrySign (CVE-2024-36347) allows privileged access to load malicious CPU microcode. • Vulnerabilities affect multiple architectures, including MIPS, PowerPC, and x86. • Immediate patching is recommended to mitigate risks associated with these vulnerabilities.

ThreatCluster AI

Timeline

2025-06-27
CVE-2024-36347 published
2026-04-16
USN-8179-1 and USN-8177-1 updates released
2026-04-17
USN-8179-2, USN-8184-1, USN-8185-1, USN-8177-2, USN-8183-1 updates released

Community

Browse all →