CVE-2024-21944

🗓️ 10 Jun 2026 21:54:19Reported by AMDType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 19 Views

Improper SPD validation could overwrite guest memory, risking data integrity with physical access or root of trust update.

Reporter	Title	Published	Views	Family All 13
Amd	Undermining Integrity Features of SEV-SNP with Memory Aliasing	10 Dec 202400:00	–	amd
Amd	MilanLaunchy Firmware Loader	12 May 202600:00	–	amd
BDU FSTEC	The vulnerability of AMD Secure Processor’s microprogramming software is related to improper validation of input data, allowing attackers to exploit their privileges.	13 Jan 202500:00	–	bdu_fstec
Circl	CVE-2024-21944	11 Dec 202411:43	–	circl
CNNVD	AMD EPYC Processor 输入验证错误漏洞	10 Jun 202600:00	–	cnnvd
Cvelist	CVE-2024-21944	10 Jun 202621:54	–	cvelist
EUVD	EUVD-2024-55617	11 Jun 202600:32	–	euvd
NVD	CVE-2024-21944	10 Jun 202623:16	–	nvd
Positive Technologies	PT-2024-10062	10 Dec 202400:00	–	ptsecurity
Redos	ROS-20250624-01	24 Jun 202500:00	–	redos

[
  {
    "vendor": "AMD",
    "product": "AMD EPYC™ 7003 Series Processors",
    "versions": [
      {
        "status": "unaffected",
        "version": "Milan PI 1.0.0.D"
      },
      {
        "status": "unaffected",
        "version": "SEV FW 1.55.22 (hex 1.37.16)"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "vendor": "AMD",
    "product": "AMD EPYC™ 9004 Series Processor",
    "versions": [
      {
        "status": "unaffected",
        "version": "Genoa PI 1.0.0.D"
      },
      {
        "status": "unaffected",
        "version": "SEV FW 1.55.38 (hex 1.37.26)"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
amd	www.amd.com/en/resources/product-security/bulletin/amd-sb-3015.html

17 Jun 2026 07:10Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.15.3

EPSS0.00222

SSVC

CWE-20