CVE-2024-21935

Name of the Vulnerable Software and Affected Versions AMD MI300X processors (affected versions not specified)

Description A flaw exists in the Satellite Management Controller (SMC) of AMD MI300X processors due to insufficient input validation. This could allow a remote attacker to execute arbitrary commands. Specifically, improper input validation in the SMC may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially leading to data corruption. The Redfish® API is a standardized RESTful interface for out-of-band management of servers and other hardware.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.