AMD Security Bulletin AMD-SB-7028, February 2025

Vulnerability Disclosure:

Supermicro is aware of the System Management Mode (SMM) callout vulnerability reported by Eclypsium in the AmdPlatformRasSspSmm UEFI module supported on multiple AMD processors. This issue affects AMD EPYC™ 2nd Gen Processors and H11 and H12 generations of products.

CVE:

CVE-2024-21924
- Severity: High

Findings:

This is an SMM callout vulnerability within the AmdPlatformRasSspSmm UEFI module, which is supported on various AMD processors. The report noted that this vulnerability could allow attackers to execute arbitrary code within SMM.

Analysis by AMD is that a ring 0 attacker could modify boot service tables to point to malicious code, potentially resulting in arbitrary code execution within SMM. AMD plans to release mitigations to address this vulnerability.

SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution.

Affected products:

AMD Motherboard Generation	BIOS Version with the fix
H11 – Rome	v 3.1
H12 – Rome	v 3.1

Remediation:

All affected Supermicro motherboard SKUs will require a BIOS update to mitigate this potential vulnerability.
An updated BIOS firmware had been created to mitigate this potential vulnerability. Supermicro is currently testing and validating affected products. Please check Release Notes for the resolution.

Resources:

AMD Security Notice AMD-SN-7028
- CVE-2024-21924

Servidores de montaje en bastidor

Procesador dual 1U

Procesador doble 2U

Procesador único

Multiprocesador

Familias de productos

Servidores GPU

Líneas GPU 8U/10U

Líneas GPU 4U

Líneas GPU 2U

Líneas GPU 1U

Servidores Twin

FlexTwin™

BigTwin®

GrandTwin®

TwinPro®

Twin

FatTwin®

Servidores blade

SuperBlade®

MicroBlade®

MicroCloud

Servidores de almacenamiento

Todos los sistemas de almacenamiento

Todo Flash NVMe

Almacenamiento de carga superior

JBOF

Almacenamiento optimizado para empresas

Cajas de almacenamiento JBOD

Placas base

Placas de servidor

Estaciones de trabajo

Placas integradas / IoT

Placas de sobremesa / juegos

Gen. anterior

Matriz de placas base

SKU globales

Chasis

Chasis 1U

Chasis 2U

Chasis 3U

Chasis 4U / Torre

Media / Minitorre

Chasis integrados / IoT

Racks móviles / Kits de unidades

Cajas de almacenamiento JBOD

SKU globales

SuperRack®

Ingeniería de soluciones para centros de datos (DCSE)

Servicio de integración de racks

Accesorios

Matriz de cables

Matriz de tarjetas Riser

Matriz de AOC de almacenamiento

Matriz de fuentes de alimentación

Matriz de disipadores térmicos

Matriz de ventiladores

Bastidores móviles / Kits de unidad

Biseles frontales de chasis

Almacenamiento, E/S, Seguridad

Servidores Edge y Telecom

Sistemas Edge sin ventilador

Sistemas Edge compactos

Sistemas GPU Edge

Sistemas Edge para exteriores

Sistemas de red Edge 1U

Sistemas 5G/Telecom

Componentes integrados

Placas base integradas

Chasis integrados

Conmutadores

Adaptadores

SuperWorkstations

Liquid-Cooled AI Development Platform

Un solo procesador

Doble procesador

Soluciones Supero™ para juegos

Infraestructura de IA

AI SuperCluster

IA empresarial