8 matches found
CVE-2024-21944
CVE-2024-21944 maps to an AMD SEV-SNP/ASP issue where SPD metadata can be improperly validated. Research show BadRAM-style exploits that can cause a memory module to misreport size, enabling a local attacker with ring0 or physical access to overwrite guest memory and compromise guest data integri...
CVE-2024-36354
Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...
CVE-2024-36354
Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...
CVE-2024-36354
Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...
CVE-2024-36354
Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...
CVE-2024-36354
CVE-2024-36354 covers improper input validation of DIMM SPD metadata that can bypass SMM isolation and lead to arbitrary code execution at the SMM level. Affected: AMD client/server/embedded processors with non‑compliant DIMMs; root cause is SPD metadata input validation weakness allowing bypass ...
PT-2025-36390
Name of the Vulnerable Software and Affected Versions: Affected versions not specified Description: Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of...
Undermining Integrity Features of SEV-SNP with Memory Aliasing
AMD ID: AMD-SB-3015 Potential Impact: Loss of Integrity Severity: Medium Summary A team of researchers has reported to AMD that it may be possible to modify serial presence detect SPD metadata to make an attached memory module appear larger than it is, potentially allowing an attacker to overwrit...