CVE-2024-36345

EPSS 0.01% · P2 Updated May 15, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-36345

AIGC Shenlong Model
NVD (National Vulnerability Database)

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

CWE-1274

Source: NVD (National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
AMD	AMD EPYC™ 4004	ComboAM5PI 1.1.0.3d	-
AMD	AMD EPYC™ 4005	ComboAM5 1.2.0.3j	-
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics	RembrandtPI-FP7_1.0.0.Bg	-
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	DragonRangeFL1_1.0.0.3l	-
AMD	AMD Ryzen™ 7000 Series Desktop Processors	ComboAM5PI 1.0.0.e	-
AMD	AMD Ryzen™ 9000HX Series Mobile Processors	FireRangeFL1PI 1.0.0.0f	-
AMD	AMD Ryzen™ AI MAX	StrixHaloPI-FP11_1.0.0.2b	-
AMD	AMD Ryzen™ AI 300 Series Processors	StrixKrackanPI-FP8_1.1.0.0f	-
AMD	AMD Ryzen™ Threadripper™ 7000 Processors	StormPeakPI-SP6 1.1.0.0k	-
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	StormPeakPI-SP6 1.0.0.1m	-
AMD	AMD Ryzen™ 8000 Series Desktop Processors	ComboAM5PI 1.1.0.3g	-
AMD	AMD Ryzen™ 9000 Series Desktop Processors	ComboAM5PI 1.2.0.3j	-
AMD	AMD Ryzen™ 9000 Series Desktop Processors	ComboAM5PI 1.2.0.3j	-
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ Embedded 8000 Series Processors	EmbeddedPhoenixPI-FP7r2_1.0.0.4	-
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Embedded-PI_FP7r2 1012	-
AMD	AMD Ryzen™ Embedded 7000 Series Processors	EmbeddedAM5PI 1.0.0.7	-
AMD	AMD Ryzen™ Embedded 9000 Series Processors	EmbeddedAM5PI 1.0.0.7	-

II. Public POCs for CVE-2024-36345

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-36345

请登录查看更多情报信息。

Same Patch Batch · AMD · 2026-05-15 · 39 CVEs total

CVE-2025-48513		AMD PMF未初始化资源漏洞
CVE-2021-26380		Trusted OS驱动内存越界致完整性丢失
CVE-2025-0040		NXP JTAG-AXI访问控制漏洞
CVE-2024-21962		AMD RAID驱动输入验证缺陷致提权与代码执行
CVE-2025-29935		AMD PMF越界写入漏洞（影响代码执行）
CVE-2025-29944		AMD Sensor Fusion Hub 驱动缓冲区溢出致系统崩溃
CVE-2025-29938		AMD PMF 版本未指定：未检查返回值致任意代码执行
CVE-2025-29937		AMD PMF越界读取漏洞
CVE-2025-0028		AMD PMF框架越界读写漏洞
CVE-2025-29936		AMD平台管理框架输入验证缺陷导致权限提升
CVE-2022-23826		Graphics TOCTOU漏洞可致完整性破坏
CVE-2025-52540		AMD PMF驱动越界写入致提权
CVE-2025-48520		AMD平台管理框架驱动越界读取漏洞
CVE-2025-48519		AMD PMF驱动越界读写致提权漏洞
CVE-2025-0045		AMD Secure Processor驱动输入验证漏洞致拒绝服务
CVE-2026-0432		AMD芯片组驱动权限错误致提权
CVE-2025-48521		ASP PCI驱动Use-After-Free漏洞致平台完整性丧失
CVE-2025-48512		AMD GPIO控制器权限配置错误致提权
CVE-2026-0438		SMM handler执行非SMM内存代码导致远程代码执行漏洞
CVE-2023-31309		Power Management Firmware多版本信息泄露与可用性受损漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: AMD

Same weakness: CWE-1274

V. Comments for CVE-2024-36345

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-36345

I. Basic Information for CVE-2024-36345

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-36345

III. Intelligence Information for CVE-2024-36345

Same Patch Batch · AMD · 2026-05-15 · 39 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-36345

Leave a comment