Vulnerabilities > CVE-2024-21980 - Out-of-bounds Write vulnerability in AMD products

047910
CVSS 7.9 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
NONE
local
low complexity
amd
CWE-787
NVD
Published: 2024-08-05
Updated: 2024-11-26

Summary

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.

Vulnerable Configurations

Part Description Count
OS
Amd
644
Hardware
Amd
86

Common Weakness Enumeration (CWE)

References