Improper Input Validation in AMD Products
CVE-2024-36310

4.6MEDIUM

Key Information:

Vendor

Amd
Status
Amd Epyc™ 9004 Series Processors
Amd Epyc™ 9005 Series Processors
Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics
Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics
Vendor
CVE Published:
10 February 2026

What is CVE-2024-36310?

The vulnerability stems from improper input validation within the SMM (System Management Mode) communications buffer of affected AMD products. This flaw may enable an attacker with privileged access to execute out-of-bounds read or write operations to the SMRAM (System Management RAM), potentially compromising the confidentiality and integrity of sensitive data. It is essential for users to apply the recommended patches to mitigate this security risk effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AMD EPYC™ 9004 Series Processors GenoaPI 1.0.0.F

AMD EPYC™ 9005 Series Processors TurinPI 1.0.0.4

AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") EmbGenoaPI-SP5 1.0.0.B

References

https://www.amd.com/en/resources/product-security/bulleti...
https://www.amd.com/en/resources/product-security/bulleti...
https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:
4.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.