ByteOS Network

CVE Vulnerability Details :

CVE-2024-36310

PUBLISHED

More Info Official Page

Assigner-AMD

Assigner Org ID-b58fc414-a1e4-4f92-9d70-1add41838648

Published At-10 Feb, 2026 | 19:24

Updated At-10 Feb, 2026 | 21:26

▼CVE Numbering Authority (CNA)

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity.

Affected Products

Vendor

Advanced Micro Devices, Inc.

Product

AMD EPYC™ 9004 Series Processors

Default Status

affected

Versions

Unaffected

GenoaPI 1.0.0.F

Vendor

Advanced Micro Devices, Inc.

Product

AMD EPYC™ 9005 Series Processors

Default Status

affected

Versions

Unaffected

TurinPI 1.0.0.4

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics

Default Status

affected

Versions

Unaffected

RembrandtPI-FP7_1.0.0.BD

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics

Default Status

affected

Versions

Unaffected

PhoenixPI-FP8-FP7_1.2.0.0c

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics

Default Status

affected

Versions

Unaffected

MendocinoPI-FT6_1.0.0.7c

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 9000HX Series Mobile Processors

Default Status

affected

Versions

Unaffected

FireRangeFL1PI 1.0.0.0a

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ AI Max 300 Series Processors

Default Status

affected

Versions

Unaffected

StrixHaloPI-FP11_1.0.0.1

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ AI 300 Series Processors

Default Status

affected

Versions

Unaffected

StrixKrackanPI-FP8_1.1.0.0b

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ Threadripper™ 7000 Processors

Default Status

affected

Versions

Unaffected

StormPeakPI-SP6_1.1.0.0j

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors

Default Status

affected

Versions

Unaffected

StormPeakPI-SP6_1.0.0.1l
StormPeakPI-SP6_1.1.0.0j

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 8000 Series Desktop Processors

Default Status

affected

Versions

Unaffected

ComboAM5 1.1.0.3d
ComboAM5 1.2.0.3d

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 9000 Series Desktop Processors

Default Status

affected

Versions

Unaffected

ComboAM5 1.2.0.3d

Vendor

Advanced Micro Devices, Inc.

Product

Not public

Default Status

affected

Versions

Unaffected

ComboAM5 1.2.0.3d

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics

Default Status

affected

Versions

Unaffected

PhoenixPI-FP8-FP7_1.2.0.0c

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics

Default Status

affected

Versions

Unaffected

RembrandtPI-FP7_1.0.0.BD

Vendor

Advanced Micro Devices, Inc.

Product

AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")

Default Status

affected

Versions

Unaffected

EmbGenoaPI-SP5 1.0.0.B

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ Embedded 8000 Series Processors

Default Status

affected

Versions

Unaffected

EmbeddedPhoenixPI-FP7r2_1.0.0.2

Vendor

Advanced Micro Devices, Inc.

Product

AMD Ryzen™ Embedded V3000 Series Processors

Default Status

affected

Versions

Unaffected

Embedded-PI_FP7r2 100F

Problem Types

Type	CWE ID	Description
CWE	CWE-124	CWE-124 Buffer Underwrite ('Buffer Underflow')

Type: CWE

CWE ID: CWE-124

Description: CWE-124 Buffer Underwrite ('Buffer Underflow')

Metrics

Version	Base score	Base severity	Vector
4.0	4.6	MEDIUM	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Version: 4.0

Base score: 4.6

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

References

Hyperlink	Resource
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html	N/A
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html	N/A
https://www.amd.com/en/resources/product-security/bulletin/Emb-Auto.html	N/A

Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Resource: N/A

Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html

Resource: N/A

Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/Emb-Auto.html

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References