CVE-2024-36355: Ring0 SMM SMRAM Input Validation flaw for Wakeup Exec
CVE-2024-36355 Published on February 10, 2026

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

NVD

Weakness Type

What is a Memory Corruption Vulnerability?

The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.

CVE-2024-36355 has been classified to as a Memory Corruption vulnerability or weakness.

Affected Versions

AMD EPYC™ 9004 Series Processors:

Version GenoaPI 1.0.0.E is unaffected.

AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors:

Version ChagallWSPI-sWRX8-1.0.0.B is unaffected.

AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics:

Version CezannePI-FP6_1.0.1.1b is unaffected.

AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors:

Version CastlePeakWSPI-sWRX8 1.0.0.G is unaffected.
Version ChagallWSPI-sWRX8-1.0.0.B is unaffected.

AMD Ryzen™ Z1 Series Processors:

Version ComboAM5 1.1.0.3c / ComboAM5 1.2.0.3d is unaffected.

AMD Ryzen™ 9000 Series Desktop Processors:

Version ComboAM5 1.2.0.3d is unaffected.

AMD Ryzen™ 7000 Series Desktop Processors:

Version ComboAM5 1.2.0.3d is unaffected.
Version ComboAM5 1.1.0.3c is unaffected.
Version ComboAM5PI 1.0.0.E is unaffected.

AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics:

Version PicassoPI-FP5_1.0.1.2c is unaffected.

AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics:

Version ComboAM4v2PI 1.2.0.10 is unaffected.

AMD Ryzen™ 3000 Series Desktop Processors:

Version ComboAM4PI 1.0.0.10 is unaffected.
Version ComboAM4v2PI 1.2.0.10 is unaffected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version ComboAM5 1.1.0.3c is unaffected.

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics:

Version PhoenixPI-FP8-FP7_1.2.0.0c is unaffected.

AMD Ryzen™ Threadripper™ 7000 processor:

Version StormPeakPI-SP6 1.1.0.0i is unaffected.

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series processors:

Version StormPeakPI-SP6 1.0.0.1k / StormPeakPI-SP6 1.1.0.0i is unaffected.

AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics:

Version PhoenixPI-FP8-FP7_1.2.0.0c is unaffected.

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics:

Version RenoirPI-FP6 1.0.0.Eb is unaffected.

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics:

Version RembrandtPI-FP7_1.0.0.Bb is unaffected.

AMD Ryzen™ 8000 Series Desktop:

Version ComboAM5 1.2.0.3d is unaffected.

AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics:

Version MendocinoPI-FT6_1.0.0.7b is unaffected.

AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics:

Version DragonRangeFL1_1.0.0.3g is unaffected.

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics:

Version PicassoPI-FP5_1.0.1.2c is unaffected.

AMD Ryzen™ 4000 Series Desktop Processors:

Version ComboAM4v2PI 1.2.0.10 is unaffected.

AMD Ryzen™ 5000 Series Desktop Processors:

Version ComboAM4v2PI 1.2.0.10 is unaffected.

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors:

Version StormPeakPI-SP6 1.1.0.0i is unaffected.

AMD Ryzen™ Z2 Series Processors:

Version PhoenixPI-FP8-FP7_1.2.0.0c is unaffected.

AMD Ryzen™ Z2 Series Processors Go:

Version RembrandtPI-FP7_1.0.0.Bb is unaffected.

AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa"):

Version EmbGenoaPI-SP5 1.0.0.B is unaffected.

AMD Ryzen™ Embedded R1000 Series Processors:

Version EmbeddedPI-FP5 1211 is unaffected.

AMD Ryzen™ Embedded R2000 Series Processors:

Version EmbeddedR2KPI-FP5 1006 is unaffected.

AMD Ryzen™ Embedded 5000 Series Processors:

Version EmbAM4PI 1008 is unaffected.

AMD Ryzen™ Embedded 7000 Series Processors:

Version EmbeddedAM5PI 1.0.0.4 is unaffected.

AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge"):

Version EmbeddedPI-FP5 1211 is unaffected.

AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso"):

Version EmbeddedPI-FP5 1211 is unaffected.

AMD Ryzen™ Embedded V2000 Series Processors:

Version EmbeddedPI-FP6_1.0.0.B is unaffected.

AMD Ryzen™ Embedded V3000 Series Processors:

Version Embedded-PI_FP7r2 100F is unaffected.

AMD Ryzen™ Embedded 8000 Series Processors:

Version EmbeddedPhoenixPI-FP7r2_1.0.0.2 is unaffected.

Exploit Probability

EPSS

0.01%

Percentile

0.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2024-36355: Ring0 SMM SMRAM Input Validation flaw for Wakeup ExecCVE-2024-36355 Published on February 10, 2026

Weakness Type

What is a Memory Corruption Vulnerability?

Affected Versions

Exploit Probability

CVE-2024-36355: Ring0 SMM SMRAM Input Validation flaw for Wakeup Exec
CVE-2024-36355 Published on February 10, 2026