CVE-2024-36311

Vulnerability Description

A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.

Related Weaknesses (CWE)

CWE-367

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

FAQ

What is CVE-2024-36311?

CVE-2024-36311 is a documented vulnerability. A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentiall...

How severe is CVE-2024-36311?

CVSS scoring is not yet available for CVE-2024-36311. Check NVD for updates.

Is there a patch for CVE-2024-36311?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.