CVE-2024-36331

Advisory lineage Upstream: 0 Downstream: 25

Downstream

DEBIAN-CVE-2024-36331 DLA-4328-1 UBUNTU-CVE-2024-36331 USN-7879-1 USN-7879-2 USN-7879-3

Deferred

Published: 06 Sept 2025, 17:29

Last modified:03 Nov 2025, 17:31

Vulnerability Summary

Overall Risk (default)

low

13/100

CVSS Score

3.2 LOW

v3.1 (cve.org)

EPSS Score

0.03% LOW

0% probability +0.01%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Sept 2025, 17:29

Published

Vulnerability first disclosed

03 Nov 2025, 17:31

Last Modified

Vulnerability information updated

Description

Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.

CVSS Metrics

v3.1•LOW•Score: 3.2CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

EPSS Trends

Current EPSS score: 0.03%• Percentile: 9%

Techniques & Countermeasures

CWE-665•Improper Initialization
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.