Intel SMM Buffer OOB Read/Write via Improper Input Validation
CVE-2024-36310 Published on February 10, 2026

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity.

NVD

Weakness Type

What is a buffer underrun Vulnerability?

The software writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used.

CVE-2024-36310 has been classified to as a buffer underrun vulnerability or weakness.

Affected Versions

AMD EPYC™ 9004 Series Processors:

Version GenoaPI 1.0.0.F is unaffected.

AMD EPYC™ 9005 Series Processors:

Version TurinPI 1.0.0.4 is unaffected.

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics:

Version RembrandtPI-FP7_1.0.0.BD is unaffected.

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics:

Version PhoenixPI-FP8-FP7_1.2.0.0c is unaffected.

AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics:

Version MendocinoPI-FT6_1.0.0.7c is unaffected.

AMD Ryzen™ 9000HX Series Mobile Processors:

Version FireRangeFL1PI 1.0.0.0a is unaffected.

AMD Ryzen™ AI Max 300 Series Processors:

Version StrixHaloPI-FP11_1.0.0.1 is unaffected.

AMD Ryzen™ AI 300 Series Processors:

Version StrixKrackanPI-FP8_1.1.0.0b is unaffected.

AMD Ryzen™ Threadripper™ 7000 Processors:

Version StormPeakPI-SP6_1.1.0.0j is unaffected.

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors:

Version StormPeakPI-SP6_1.0.0.1l is unaffected.
Version StormPeakPI-SP6_1.1.0.0j is unaffected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version ComboAM5 1.1.0.3d is unaffected.
Version ComboAM5 1.2.0.3d is unaffected.

AMD Ryzen™ 9000 Series Desktop Processors:

Version ComboAM5 1.2.0.3d is unaffected.

AMD Not public:

Version ComboAM5 1.2.0.3d is unaffected.

AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics:

Version PhoenixPI-FP8-FP7_1.2.0.0c is unaffected.

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics:

Version RembrandtPI-FP7_1.0.0.BD is unaffected.

AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa"):

Version EmbGenoaPI-SP5 1.0.0.B is unaffected.

AMD Ryzen™ Embedded 8000 Series Processors:

Version EmbeddedPhoenixPI-FP7r2_1.0.0.2 is unaffected.

AMD Ryzen™ Embedded V3000 Series Processors:

Version Embedded-PI_FP7r2 100F is unaffected.

Exploit Probability

EPSS

0.01%

Percentile

0.44%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Intel SMM Buffer OOB Read/Write via Improper Input ValidationCVE-2024-36310 Published on February 10, 2026

Weakness Type

What is a buffer underrun Vulnerability?

Affected Versions

Exploit Probability

Intel SMM Buffer OOB Read/Write via Improper Input Validation
CVE-2024-36310 Published on February 10, 2026