CVE-2024-36310
BaseFortify
Publication date: 2026-02-10
Last updated on: 2026-02-10
Assigner: Advanced Micro Devices Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | epyc | * |
| amd | athlon | * |
| amd | ryzen | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-124 | The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper input validation in the System Management Mode (SMM) communications buffer. It could allow a privileged attacker to perform an out-of-bounds read or write operation to the System Management RAM (SMRAM).
Such out-of-bounds access may lead to a loss of confidentiality or integrity of the data stored in SMRAM.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing a privileged attacker to read or write outside the intended memory boundaries in SMRAM.
This could result in unauthorized disclosure of sensitive information (loss of confidentiality) or unauthorized modification of data (loss of integrity), potentially compromising system security.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know