CVE-2024-36311
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-36311
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
AMD Processors 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AMD Processors是美国超威半导体(AMD)公司的一系列处理器。 AMD Processors存在安全漏洞,该漏洞源于TOCTOU竞争条件,可能导致特权攻击者绕过输入验证并执行越界读取或写入,进而造成机密性、完整性或可用性丢失。以下产品受到影响:AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics、AMD Ryzen™ 7000 Series Desktop Processors、AMD Ryzen™ 9000HX Seri
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| AMD | AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics | DragonRangeFL1PI 1.0.0.3h | - | |
| AMD | AMD Ryzen™ 7000 Series Desktop Processors | ComboAM5PI 1.0.0.b | - | |
| AMD | AMD Ryzen™ 9000HX Series Mobile Processors | FireRangeFL1PI 1.0.0.0a | - | |
| AMD | AMD Ryzen™ 8000 Series Desktop Processors | ComboAM5PI 1.1.0.3d | - | |
| AMD | AMD Ryzen™ 9000 Series Desktop Processors | ComboAM5PI 1.2.0.3d | - | |
| AMD | AMD Ryzen™ Embedded 7000 Series Processors | EmbeddedAM5PI 1.0.0.4 | - |
II. Public POCs for CVE-2024-36311
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-36311
请登录查看更多情报信息。
Same Patch Batch · AMD · 2026-02-10 · 23 CVEs total
| CVE-2025-54514 | AMD Processors 安全漏洞 | |
| CVE-2025-29948 | AMD EPYC Processor 安全漏洞 | |
| CVE-2025-48517 | AMD EPYC 9005 Series 安全漏洞 | |
| CVE-2025-52536 | AMD Processors 安全漏洞 | |
| CVE-2025-29952 | AMD Amd Epyc™ Embedded Processors和AMD EPYC 9005 Series 安全漏洞 | |
| CVE-2025-29950 | AMD多款产品 安全漏洞 | |
| CVE-2024-21953 | AMD多款产品 安全漏洞 | |
| CVE-2025-29939 | AMD Processors 安全漏洞 | |
| CVE-2025-0012 | AMD EPYC 安全漏洞 | |
| CVE-2025-52534 | AMD EPYC 9005 Series 安全漏洞 | |
| CVE-2025-48509 | AMD多款产品 安全漏洞 | |
| CVE-2025-29951 | AMD多款产品 安全漏洞 | |
| CVE-2025-48514 | AMD Processors 安全漏洞 | |
| CVE-2025-0031 | AMD EPYC Processor 安全漏洞 | |
| CVE-2025-0029 | AMD EPYC 9005 Series 安全漏洞 | |
| CVE-2025-29946 | AMD EPYC 安全漏洞 | |
| CVE-2024-36310 | AMD多款产品 安全漏洞 | |
| CVE-2024-36355 | AMD多款产品 安全漏洞 | |
| CVE-2025-29949 | AMD多款产品 安全漏洞 | |
| CVE-2021-26381 | AMD Ryzen和AMD Athlon 安全漏洞 |
Showing top 20 of 23 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same weakness: CWE-367
- CVE-2026-42344
FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress al - CVE-2026-44694
n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API clien - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2026-34354
Akamai Guardicore Platform Agent 安全漏洞 - CVE-2026-41002
VMware Spring Cloud Config 安全漏洞
V. Comments for CVE-2024-36311
No comments yet