CVE-2024-36343

Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out o...

Published: 2026-05-19 · Last updated: 2026-05-20

Severity and scoring

CWE: CWE-124

Description

Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2024-36343
[Other]https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html
[Other]https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html

Related CVEs

Same CWE

CVE-2026-44631 — Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration (9.8 CRITICAL)
CVE-2026-34253 — A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread i... (8.2 HIGH)
CVE-2026-0966 — A flaw was found in libssh (8.2 HIGH)