SMM Callout Vulnerability in AmdPlatformRasSspSmm Driver
CVE-2024-21924
8.2HIGH
Key Information:
What is CVE-2024-21924?
A vulnerability exists in the AmdPlatformRasSspSmm driver that enables an attacker with ring 0 access to alter boot services handlers. This flaw could lead to unauthorized execution of arbitrary code, compromising the integrity of the system and allowing for potential system manipulation or further exploitation.
Affected Version(s)
AMD EPYC™ 7002 Processors Rome PI 1.0.0.K
AMD EPYC™ Embedded 7002 Processors EmbRomePI-SP3 1.0.0.D
AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors ChagallWSPI-sWRX8 1.0.0.9