Skip to main content

Amd Epyc 7003 Series Processors CVE-2024-21944

| EUVDEUVD-2024-55617 MEDIUM
Improper Input Validation (CWE-20)
2026-06-10 AMD GHSA-4c4q-g449-2566
5.3
CVSS 3.1 · Vendor: AMD
Share

Severity by source

Vendor (AMD) PRIMARY
5.3 MEDIUM
AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N
SUSE
MEDIUM
qualitative

Primary rating from Vendor (AMD).

CVSS VectorVendor: AMD

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 10, 2026 - 21:54 cve.org
MEDIUM 5.3

DescriptionCVE.org

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integrity.

AnalysisAI

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of. Rated medium severity (CVSS 5.3). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integrity. Affected products include: Amd Amd Epyc™ 7003 Series Processors, Amd Amd Epyc™ 9004 Series Processor.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise Micro 5.3 Affected
SUSE Linux Enterprise Micro 5.4 Affected
SUSE Linux Enterprise Micro 5.5 Affected

Share

CVE-2024-21944 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy