AMD warns worrying new Spectre, Meltdown-esque flaw could affect top CPUs - here's what we know

• AMD finds four flaws, separately low in severity, but powerful when combined
• Together, they can be abused in information disclosure attacks
• The list of affected devices is rather extensive, so be on your guard

AMD has discovered several security vulnerabilities affecting many of its chips can be chained together to create a concerning hack which could result in information disclosure.

The four vulnerabilities are tracked as CVE-2024-36349 (3.8), CVE-2024-36348 (3.8), CVE-2024-36357 (5.6), and CVE-2024-36350 (5.6). Together, they can be used in a so-called Transient Scheduler Attack (TSA), a side-channel, or timing-based attack that likely exploits transient scheduling decisions made by the CPU scheduler to leak information.

Since this is a side-channel attack that results in information disclosure, it is similar to the infamous Meltdown and Spectre flaws which dominated the security scene for months.