Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 29 Aug 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat rhel Aus Redhat rhel E4s Redhat rhel Els |
|
CPEs | cpe:/o:redhat:rhel_aus:7.7 cpe:/o:redhat:rhel_e4s:9.0 cpe:/o:redhat:rhel_els:7 |
|
Vendors & Products |
Redhat
Redhat rhel Aus Redhat rhel E4s Redhat rhel Els |
Tue, 27 Aug 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-94 |
Tue, 27 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 13 Aug 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 13 Aug 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 13 Aug 2024 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
threat_severity
|
threat_severity
|
Mon, 12 Aug 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | hw: amd: SMM Lock Bypass | |
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Fri, 09 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: AMD
Published: 2024-08-09T17:08:24.237Z
Updated: 2024-09-12T12:56:32.250Z
Reserved: 2023-04-27T15:25:41.423Z
Link: CVE-2023-31315
Vulnrichment
Updated: 2024-09-12T12:56:32.250Z
NVD
Status : Awaiting Analysis
Published: 2024-08-12T13:38:10.353
Modified: 2024-08-27T15:35:00.983
Link: CVE-2023-31315
Redhat