CVE-2024-21944

Name of the Vulnerable Software and Affected Versions AMD Secure Processor (ASP) (affected versions not specified)

Description The issue is related to a security flaw in AMD's Secure Encrypted Virtualization (SEV) that allows attackers to bypass SEV protections and access encrypted memory regions. This is due to a vulnerability in the AMD Secure Processor (ASP) that is associated with improper input validation. The exploitation of this issue can enable an attacker to elevate their privileges. The vulnerability, known as BadRAM, can be triggered by rogue memory modules and requires physical access to memory modules and the ability to execute code at the ring0 level on a server running protected guest environments.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.