Vulnerability-Lookup

CVE-2024-36324 (GCVE-0-2024-36324)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:29 – Updated: 2026-02-12 04:55

Summary

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

URL

Tags

https://www.amd.com/en/resources/product-security…

Impacted products

Vendor

Product

Version

AMD

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics; AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics

Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7000 Series Desktop Processors; AMD Ryzen™ 8000 Series Desktop Processors; AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000HX Series Mobile Processors (formerly codenamed "Fire Range")	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Al Max+	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ AI 300 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 9000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V710	Unaffected: Contact your AMD Customer Engineering representative
AMD	V620/NV21	Unaffected: hotfix5

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36324",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T04:55:11.973Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors;\r\nAMD Ryzen\u2122 8000 Series Desktop Processors;\r\nAMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors (formerly codenamed \"Fire Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Al Max+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "V620/NV21",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "hotfix5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-11T14:10:37.492Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:29:47.274Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36324",
    "datePublished": "2026-02-11T14:29:47.274Z",
    "dateReserved": "2024-05-23T19:44:40.301Z",
    "dateUpdated": "2026-02-12T04:55:11.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-36324\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2026-02-11T15:16:11.990\",\"lastModified\":\"2026-02-11T15:27:26.370\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"references\":[{\"url\":\"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html\",\"source\":\"psirt@amd.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-36324\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-11T15:40:32.475209Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-11T15:40:33.130Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Reported through AMD Bug Bounty Program\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 6000 Series Processors with Radeon\\u2122 Graphics;\\r\\nAMD Ryzen\\u2122 7035 Series Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7040 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7020 Series Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7045 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7000 Series Desktop Processors;\\r\\nAMD Ryzen\\u2122 8000 Series Desktop Processors;\\r\\nAMD Ryzen\\u2122 9000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 9000HX Series Mobile Processors (formerly codenamed \\\"Fire Range\\\")\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Al Max+\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 AI 300 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 9000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 8000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded 7000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\\u00ae Catalyst\\u2122 driver [25.6.1] (68926)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded 9000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\\u00ae Catalyst\\u2122 driver [25.6.1] (68926)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded 8000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\\u00ae Catalyst\\u2122 driver [25.6.1] (68926)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 RX 5000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 PRO W5000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 RX 6000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 PRO W6000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 RX 7000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 PRO W7000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 RX 9000 Series Graphics Products\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 PRO V520\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"Contact your AMD Customer Engineering representative\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 PRO V620\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"Contact your AMD Customer Engineering representative\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Radeon\\u2122 PRO V710\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"Contact your AMD Customer Engineering representative\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"V620/NV21\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"hotfix5\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2026-02-11T14:10:37.492Z\", \"references\": [{\"url\": \"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html\"}], \"x_generator\": {\"engine\": \"AMD PSIRT Automation 1.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787  Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"shortName\": \"AMD\", \"dateUpdated\": \"2026-02-11T14:29:47.274Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-36324\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-11T15:42:59.476Z\", \"dateReserved\": \"2024-05-23T19:44:40.301Z\", \"assignerOrgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"datePublished\": \"2026-02-11T14:29:47.274Z\", \"assignerShortName\": \"AMD\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2024-36324

Vulnerability from fkie_nvd - Published: 2026-02-11 15:16 - Updated: 2026-02-11 15:27

Severity ?

8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.

References

	URL	Tags
	psirt@amd.com	https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution."
    }
  ],
  "id": "CVE-2024-36324",
  "lastModified": "2026-02-11T15:27:26.370",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 6.0,
        "source": "psirt@amd.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-11T15:16:11.990",
  "references": [
    {
      "source": "psirt@amd.com",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
    }
  ],
  "sourceIdentifier": "psirt@amd.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@amd.com",
      "type": "Secondary"
    }
  ]
}

WID-SEC-W-2026-0383

Vulnerability from csaf_certbund - Published: 2026-02-10 23:00 - Updated: 2026-02-12 23:00

Summary

AMD Radeon: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Radeon bezeichnet eine Familie von Grafikkarten von AMD.

Angriff

Ein Angreifer kann mehrere Schwachstellen in AMD Radeon ausnutzen, um sich erweiterte Berechtigungen zu verschaffen, beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.

Betroffene Betriebssysteme

- UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Radeon bezeichnet eine Familie von Grafikkarten von AMD.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in AMD Radeon ausnutzen, um sich erweiterte Berechtigungen zu verschaffen, beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0383 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0383.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0383 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0383"
      },
      {
        "category": "external",
        "summary": "AMD Graphics Driver Vulnerabilities \u2013 February 2026 vom 2026-02-10",
        "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6024.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-329 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/de-de/000359234/dsa-2025-329"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-201021 vom 2026-02-10",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-201021"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-090 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/en-us/000426707/dsa-2026-090-security-update-for-dell-amd-based-graphics-driver-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04091 vom 2025-12-05",
        "url": "https://support.hp.com/de-de/document/ish_14068972-14069154-16/HPSBHF04091"
      }
    ],
    "source_lang": "en-US",
    "title": "AMD Radeon: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-02-12T23:00:00.000+00:00",
      "generator": {
        "date": "2026-02-13T08:02:58.092+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0383",
      "initial_release_date": "2026-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-02-12T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Graphics",
                "product": {
                  "name": "AMD Radeon Graphics",
                  "product_id": "T050797",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:radeon:graphics"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Radeon"
          }
        ],
        "category": "vendor",
        "name": "AMD"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T043182",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell PowerEdge",
            "product": {
              "name": "Dell PowerEdge",
              "product_id": "T036715",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T031288",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T048897",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26381",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26381"
    },
    {
      "cve": "CVE-2021-26410",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26410"
    },
    {
      "cve": "CVE-2023-20548",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20548"
    },
    {
      "cve": "CVE-2023-20601",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20601"
    },
    {
      "cve": "CVE-2023-31313",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-31313"
    },
    {
      "cve": "CVE-2023-31323",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-31323"
    },
    {
      "cve": "CVE-2023-31324",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-31324"
    },
    {
      "cve": "CVE-2024-36316",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36316"
    },
    {
      "cve": "CVE-2024-36319",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36319"
    },
    {
      "cve": "CVE-2024-36320",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36320"
    },
    {
      "cve": "CVE-2024-36324",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36324"
    },
    {
      "cve": "CVE-2025-21940",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-21940"
    },
    {
      "cve": "CVE-2025-48503",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48503"
    },
    {
      "cve": "CVE-2025-48508",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48508"
    },
    {
      "cve": "CVE-2025-48518",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48518"
    }
  ]
}

GHSA-VPHR-3GFG-4G86

Vulnerability from github – Published: 2026-02-11 15:30 – Updated: 2026-02-11 15:30

Details

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-36324"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-11T15:16:11Z",
    "severity": "HIGH"
  },
  "details": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.",
  "id": "GHSA-vphr-3gfg-4g86",
  "modified": "2026-02-11T15:30:27Z",
  "published": "2026-02-11T15:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36324"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-36324 (GCVE-0-2024-36324)

FKIE_CVE-2024-36324

WID-SEC-W-2026-0383

GHSA-VPHR-3GFG-4G86

Tags

Sightings

Nomenclature