AMD SMM OOB Read/Write in TSEG Memory Region
CVE-2024-36343 Published on May 19, 2026

Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity.

NVD

Weakness Type

What is a buffer underrun Vulnerability?

The software writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used.

CVE-2024-36343 has been classified to as a buffer underrun vulnerability or weakness.

Affected Versions

AMD EPYC™ 4004:

Version ComboAM5PI 1.1.0.3d is unaffected.

AMD EPYC™ 4005:

Version ComboAM5 1.2.0.3j is unaffected.

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics:

Version RembrandtPI-FP7_1.0.0.Bg is unaffected.

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics:

Version PhoenixPI-FP8-FP7_1.2.0.0f is unaffected.

AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics:

Version DragonRangeFL1_1.0.0.3l is unaffected.

AMD Ryzen™ 7000 Series Desktop Processors:

Version ComboAM5-PI_1.0.0.e is unaffected.
Version ComboAM5PI 1.1.0.3g is unaffected.
Version ComboAM5 1.2.0.3j is unaffected.

AMD Ryzen™ 9000HX Series Mobile Processors:

Version FireRangeFL1PI 1.0.0.0f is unaffected.

AMD Ryzen™ AI MAX:

Version StrixHaloPI-FP11_1.0.0.2b is unaffected.

AMD Ryzen™ AI 300 Series Processors:

Version StrixKrackanPI-FP8_1.1.0.0f is unaffected.
Version StrixKrackanPI-FP8_1.1.0.2e is unaffected.

AMD Ryzen™ Threadripper™ 7000 Processors:

Version StormPeakPI-SP6 1.1.0.0k is unaffected.

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors:

Version StormPeakPI-SP6 1.0.0.1m is unaffected.
Version StormPeakPI-SP6_1.1.0.0k is unaffected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version ComboAM5PI 1.1.0.3g is unaffected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version ComboAM5 1.2.0.3j is unaffected.

AMD Ryzen™ 9000 Series Desktop Processors:

Version ComboAM5 1.2.0.3j is unaffected.

AMD Ryzen™ 9000 Series Desktop Processors:

Version ComboAM5 1.2.0.3j is unaffected.

AMD Ryzen™ Embedded V3000 Series Processors:

Version Embedded-PI_FP7r2 100F is unaffected.

AMD Ryzen™ Embedded 7000 Series Processors:

Version EmbeddedAM5PI 1.0.0.5 is unaffected.

AMD Ryzen™ Embedded 8000 Series Processors:

Version EmbeddedPhoenixPI-FP7r2_1.0.0.4 is unaffected.

AMD Ryzen™ Embedded 9000 Series Processors:

Version EmbeddedAM5PI 1.0.0.7 is unaffected.

Exploit Probability

EPSS

0.01%

Percentile

0.51%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

AMD SMM OOB Read/Write in TSEG Memory RegionCVE-2024-36343 Published on May 19, 2026

Weakness Type

What is a buffer underrun Vulnerability?

Affected Versions

Exploit Probability

AMD SMM OOB Read/Write in TSEG Memory Region
CVE-2024-36343 Published on May 19, 2026