Vulnerabilities > CVE-2020-12912 - Information Exposure Through Discrepancy vulnerability in AMD Energy Driver for Linux

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
amd
CWE-203

Summary

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interface to require privileged access.

Vulnerable Configurations

Part Description Count
Application
Amd
1

Common Weakness Enumeration (CWE)