CVE-2024-21944

Description

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integrity.

References

• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3015.html