Lucene search
K

8 matches found

CVE
CVE
added 2026/06/10 9:54 p.m.22 views

CVE-2024-21944

CVE-2024-21944 maps to an AMD SEV-SNP/ASP issue where SPD metadata can be improperly validated. Research show BadRAM-style exploits that can cause a memory module to misreport size, enabling a local attacker with ring0 or physical access to overwrite guest memory and compromise guest data integri...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/08 6:25 p.m.15 views

CVE-2024-36354

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...

7.5CVSS7.7AI score0.00154EPSS
Exploits0References1
NVD
NVD
added 2025/09/06 6:15 p.m.5 views

CVE-2024-36354

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...

7.5CVSS0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/06 6:6 p.m.10 views

CVE-2024-36354

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...

7.5CVSS0.00154EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/06 6:6 p.m.4 views

CVE-2024-36354

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at...

7.5CVSS6.8AI score0.00154EPSS
Exploits0References3
CVE
CVE
added 2025/09/06 6:6 p.m.24 views

CVE-2024-36354

CVE-2024-36354 covers improper input validation of DIMM SPD metadata that can bypass SMM isolation and lead to arbitrary code execution at the SMM level. Affected: AMD client/server/embedded processors with non‑compliant DIMMs; root cause is SPD metadata input validation weakness allowing bypass ...

7.5CVSS7.1AI score0.00154EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/06 12:0 a.m.5 views

PT-2025-36390

Name of the Vulnerable Software and Affected Versions: Affected versions not specified Description: Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of...

7.5CVSS6.8AI score0.00154EPSS
Exploits0References7
Amd
Amd
added 2024/12/10 12:0 a.m.30 views

Undermining Integrity Features of SEV-SNP with Memory Aliasing

AMD ID: AMD-SB-3015 Potential Impact: Loss of Integrity Severity: Medium Summary A team of researchers has reported to AMD that it may be possible to modify serial presence detect SPD metadata to make an attached memory module appear larger than it is, potentially allowing an attacker to overwrit...

5.3CVSS7AI score0.00222EPSS
Exploits0
Rows per page
Query Builder