What is GHSA-4c4q-g449-2566?

GHSA-4c4q-g449-2566 is a security advisory published by GitHub Security Advisories with Medium severity. Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker...

Which CVE IDs does GHSA-4c4q-g449-2566 cover?

GHSA-4c4q-g449-2566 covers the following CVE IDs: CVE-2024-21944. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-4c4q-g449-2566?

GHSA-4c4q-g449-2566 has a CVSS v3 base score of 5.3, published by GitHub Security Advisories.

GHSA-4c4q-g449-2566MediumCVSS 5.3

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker...

Vendor

GitHub Security Advisories

Published

June 11, 2026

Last Modified

June 11, 2026

🔗 CVE IDs covered (1)

CVE-2024-21944 →

📋 Description

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integrity.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2024-21944
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3015.html
https://github.com/advisories/GHSA-4c4q-g449-2566