Vulnerability-Lookup

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Radeon bezeichnet eine Familie von Grafikkarten von AMD.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in AMD Radeon ausnutzen, um sich erweiterte Berechtigungen zu verschaffen, beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0383 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0383.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0383 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0383"
      },
      {
        "category": "external",
        "summary": "AMD Graphics Driver Vulnerabilities \u2013 February 2026 vom 2026-02-10",
        "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6024.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-329 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/de-de/000359234/dsa-2025-329"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-201021 vom 2026-02-10",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-201021"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-090 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/en-us/000426707/dsa-2026-090-security-update-for-dell-amd-based-graphics-driver-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04091 vom 2025-12-05",
        "url": "https://support.hp.com/de-de/document/ish_14068972-14069154-16/HPSBHF04091"
      }
    ],
    "source_lang": "en-US",
    "title": "AMD Radeon: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-02-12T23:00:00.000+00:00",
      "generator": {
        "date": "2026-02-13T08:02:58.092+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0383",
      "initial_release_date": "2026-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-02-12T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Graphics",
                "product": {
                  "name": "AMD Radeon Graphics",
                  "product_id": "T050797",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:radeon:graphics"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Radeon"
          }
        ],
        "category": "vendor",
        "name": "AMD"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T043182",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell PowerEdge",
            "product": {
              "name": "Dell PowerEdge",
              "product_id": "T036715",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T031288",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T048897",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26381",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26381"
    },
    {
      "cve": "CVE-2021-26410",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26410"
    },
    {
      "cve": "CVE-2023-20548",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20548"
    },
    {
      "cve": "CVE-2023-20601",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20601"
    },
    {
      "cve": "CVE-2023-31313",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-31313"
    },
    {
      "cve": "CVE-2023-31323",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-31323"
    },
    {
      "cve": "CVE-2023-31324",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-31324"
    },
    {
      "cve": "CVE-2024-36316",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36316"
    },
    {
      "cve": "CVE-2024-36319",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36319"
    },
    {
      "cve": "CVE-2024-36320",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36320"
    },
    {
      "cve": "CVE-2024-36324",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36324"
    },
    {
      "cve": "CVE-2025-21940",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-21940"
    },
    {
      "cve": "CVE-2025-48503",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48503"
    },
    {
      "cve": "CVE-2025-48508",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48508"
    },
    {
      "cve": "CVE-2025-48518",
      "product_status": {
        "known_affected": [
          "T036715",
          "T031288",
          "T043182",
          "T050797",
          "T048897"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48518"
    }
  ]
}

CVE-2024-36324 (GCVE-0-2024-36324)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:29 – Updated: 2026-02-12 04:55

Summary

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics; AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics

Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7000 Series Desktop Processors; AMD Ryzen™ 8000 Series Desktop Processors; AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000HX Series Mobile Processors (formerly codenamed "Fire Range")	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Al Max+	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ AI 300 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 9000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V710	Unaffected: Contact your AMD Customer Engineering representative
AMD	V620/NV21	Unaffected: hotfix5

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36324",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T04:55:11.973Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors;\r\nAMD Ryzen\u2122 8000 Series Desktop Processors;\r\nAMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors (formerly codenamed \"Fire Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Al Max+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "V620/NV21",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "hotfix5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-11T14:10:37.492Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:29:47.274Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36324",
    "datePublished": "2026-02-11T14:29:47.274Z",
    "dateReserved": "2024-05-23T19:44:40.301Z",
    "dateUpdated": "2026-02-12T04:55:11.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-20548 (GCVE-0-2023-20548)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:35 – Updated: 2026-02-11 15:42

Summary

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.

Severity ?

7.1 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Radeon™ RX 5000 Series Graphics Products

Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ VII	Unaffected: No fix planned
AMD	AMD Radeon™ PRO VII	Unaffected: No fix planned
AMD	AMD Instinct™ MI210	Unaffected: ROCm 6.2
AMD	AMD Instinct™ MI250	Unaffected: ROCm 6.2
AMD	AMD Instinct™ MI300X	Unaffected: ROCm 6.2
AMD	AMD Instinct™ MI300A	Unaffected: ROCm 6.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20548",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:36:36.072812Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:42:32.097Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI210",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI250",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        }
      ],
      "datePublic": "2026-02-11T14:11:10.415Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.\u003cbr\u003e"
            }
          ],
          "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367  Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:35:16.063Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20548",
    "datePublished": "2026-02-11T14:35:16.063Z",
    "dateReserved": "2022-10-27T18:53:39.744Z",
    "dateUpdated": "2026-02-11T15:42:32.097Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36316 (GCVE-0-2024-36316)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:27 – Updated: 2026-02-11 15:43

Summary

The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics; AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics

Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7000 Series Desktop Processors; AMD Ryzen™ 8000 Series Desktop Processors; AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000HX Series Mobile Processors (formerly codenamed "Fire Range")	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Al Max+	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 / AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 / AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V710	Unaffected: Contact your AMD Customer Engineering representative

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36316",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:36:44.691308Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:43:13.415Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors;\r\nAMD Ryzen\u2122 8000 Series Desktop Processors;\r\nAMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors (formerly codenamed \"Fire Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Al Max+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 / AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 / AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-11T14:10:24.334Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service\u003cbr\u003e"
            }
          ],
          "value": "The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190  Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:27:25.373Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36316",
    "datePublished": "2026-02-11T14:27:25.373Z",
    "dateReserved": "2024-05-23T19:44:32.297Z",
    "dateUpdated": "2026-02-11T15:43:13.415Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36320 (GCVE-0-2024-36320)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:33 – Updated: 2026-02-11 15:42

Summary

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability

Severity ?

7 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics

Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ AI 300 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ AI MAX+	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 9000HX Series Mobile Processors (formerly codenamed "Fire Range")	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO WX 8000/9000 Series Graphics Cards	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)
AMD	AMD Radeon™ PRO VII	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)
AMD	AMD Radeon™ RX Vega Series Graphics Cards	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)
AMD	AMD Radeon™ RX 9000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)
AMD	AMD Radeon™ VII	Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36320",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:36:41.476444Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:42:49.026Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI MAX+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors (formerly codenamed \"Fire Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO WX 8000/9000 Series Graphics Cards",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX Vega Series Graphics Cards",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-11T14:10:55.676Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability\u003cbr\u003e"
            }
          ],
          "value": "Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190  Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:33:53.297Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36320",
    "datePublished": "2026-02-11T14:33:53.297Z",
    "dateReserved": "2024-05-23T19:44:40.300Z",
    "dateUpdated": "2026-02-11T15:42:49.026Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48503 (GCVE-0-2025-48503)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:26 – Updated: 2026-02-12 04:55

Summary

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")

Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe

AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	Placeholder	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe
AMD	AMD Radeon™ RX 9000 Series Graphics Products	Unaffected: amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48503",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T04:55:15.687Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Placeholder",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd-software-adrenalin-edition-25.5.1-minimalsetup-250513_web.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-11T14:10:19.294Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427  Uncontrolled Search Path Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:26:49.430Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48503",
    "datePublished": "2026-02-11T14:26:49.430Z",
    "dateReserved": "2025-05-22T16:34:02.895Z",
    "dateUpdated": "2026-02-12T04:55:15.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48518 (GCVE-0-2025-48518)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:34 – Updated: 2026-02-11 15:42

Summary

Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics

Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Ryzen™ AI 300 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Al Max+	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.6.1 , AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ RX 9000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ PRO V710	Unaffected: Contact your AMD Customer Engineering representative

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48518",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:36:39.817787Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:42:44.303Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Al Max+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.x.y), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 , AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-11T14:11:00.725Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service.\r\n \u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:34:29.714Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48518",
    "datePublished": "2026-02-11T14:34:29.714Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-02-11T15:42:44.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-31324 (GCVE-0-2023-31324)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:34 – Updated: 2026-02-11 15:42

Summary

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.

Severity ?

7.1 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Radeon™ RX 5000 Series Graphics Products

Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Instinct™ MI210	Unaffected: ROCm 6.4
AMD	AMD Instinct™ MI250	Unaffected: ROCm 6.4
AMD	AMD Instinct™ MI300A	Unaffected: ROCm 6.4
AMD	AMD Instinct™ MI300X	Unaffected: ROCm 6.4

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-31324",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:36:37.735258Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:42:39.488Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI210",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI250",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.4"
            }
          ]
        }
      ],
      "datePublic": "2026-02-11T14:11:05.353Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367  Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:34:54.024Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-31324",
    "datePublished": "2026-02-11T14:34:54.024Z",
    "dateReserved": "2023-04-27T15:25:41.424Z",
    "dateUpdated": "2026-02-11T15:42:39.488Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-20601 (GCVE-0-2023-20601)

Vulnerability from cvelistv5 – Published: 2026-02-12 17:31 – Updated: 2026-02-12 18:19

Summary

Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.

Severity ?

4.6 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

CWE

CWE-129 - Improper Validation of Array Index

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Radeon™ PRO VII

Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)

AMD Radeon™ VII

Unaffected: AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20601",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T18:08:09.857212Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T18:19:23.782Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T17:31:25.269Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-129",
              "description": "CWE-129  Improper Validation of Array Index",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T17:31:40.694Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20601",
    "datePublished": "2026-02-12T17:31:40.694Z",
    "dateReserved": "2022-10-27T18:53:39.765Z",
    "dateUpdated": "2026-02-12T18:19:23.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-26410 (GCVE-0-2021-26410)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:48 – Updated: 2026-02-12 14:12

Summary

Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.

Severity ?

1.8 (Low)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

CWE

CWE-822 - Untrusted Pointer Dereference

Assigner

AMD

References

URL

Tags

	https://www.amd.com/en/resources/product-security…
	https://www.amd.com/en/resources/product-security…

Impacted products

Vendor

Product

Version

AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics

Unaffected: ComboAM4v2 PI 1.2.0.5+ iGPU Driver Update

AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6 1.0.0.8
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.8
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.8
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2 PI 1.2.0.5
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.6
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: EmbeddedPI-FP7r2_1.0.0.0
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact your AMD Customer Engineering representative

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-26410",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T20:50:03.494468Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T20:50:34.974Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5+ iGPU Driver Update"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_1.0.0.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T14:11:22.042Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure. \u003cbr\u003e"
            }
          ],
          "value": "Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 1.8,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-822",
              "description": "CWE-822  Untrusted Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T14:12:04.201Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-26410",
    "datePublished": "2026-02-10T19:48:36.645Z",
    "dateReserved": "2021-01-29T21:24:26.172Z",
    "dateUpdated": "2026-02-12T14:12:04.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36319 (GCVE-0-2024-36319)

Vulnerability from cvelistv5 – Published: 2026-02-12 17:41 – Updated: 2026-02-13 04:56

Summary

Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.

Severity ?

6.3 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H

CWE

CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics; AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics

Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2

AMD	AMD Ryzen™ AI MAX Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
AMD	AMD Ryzen™ AI 300 Series Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1
AMD	AMD Instinct™ MI300X	Unaffected: ROCm 6.2.4
AMD	AMD Instinct™ MI300A	Unaffected: ROCm 6.2.4
AMD	AMD Instinct™ MI308X	Unaffected: ROCm 6.2.4
AMD	AMD Instinct™ MI325X	Unaffected: ROCm 6.2.4
AMD	AMD Radeon™ PRO V710	Unaffected: Contact your AMD Customer Engineering representative

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36319",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-13T04:56:39.730Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI MAX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI308X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI325X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T17:40:51.607Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Debug code left active in AMD\u0027s Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.\u003cbr\u003e"
            }
          ],
          "value": "Debug code left active in AMD\u0027s Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1191",
              "description": "CWE-1191  On-Chip Debug and Test Interface With Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T17:41:06.194Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36319",
    "datePublished": "2026-02-12T17:41:06.194Z",
    "dateReserved": "2024-05-23T19:44:40.300Z",
    "dateUpdated": "2026-02-13T04:56:39.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-21940 (GCVE-0-2025-21940)

Vulnerability from cvelistv5 – Published: 2025-04-01 15:41 – Updated: 2025-10-01 19:26

Title

drm/amdkfd: Fix NULL Pointer Dereference in KFD queue

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfd_queue_acquire_buffers. (cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530)

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-476 - NULL Pointer Dereference

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/c3cbeafb4e0001d91…
	https://git.kernel.org/stable/c/33eb8041c5d6c19d4…
	https://git.kernel.org/stable/c/fd617ea3b79d2116d…

Impacted products

Vendor

Product

Version

Linux

Affected: 629568d25fea8ece4f65073f039aeef4e240ab67 , < c3cbeafb4e0001d9146df50b470885e02664f3c7 (git)
Affected: 629568d25fea8ece4f65073f039aeef4e240ab67 , < 33eb8041c5d6c19d46e7bfd23a031844336afd80 (git)
Affected: 629568d25fea8ece4f65073f039aeef4e240ab67 , < fd617ea3b79d2116d53f76cdb5a3601c0ba6e42f (git)

Linux

Affected: 6.12
Unaffected: 0 , < 6.12 (semver)
Unaffected: 6.12.19 , ≤ 6.12.* (semver)
Unaffected: 6.13.7 , ≤ 6.13.* (semver)
Unaffected: 6.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-21940",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T19:22:08.810729Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T19:26:32.688Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_queue.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c3cbeafb4e0001d9146df50b470885e02664f3c7",
              "status": "affected",
              "version": "629568d25fea8ece4f65073f039aeef4e240ab67",
              "versionType": "git"
            },
            {
              "lessThan": "33eb8041c5d6c19d46e7bfd23a031844336afd80",
              "status": "affected",
              "version": "629568d25fea8ece4f65073f039aeef4e240ab67",
              "versionType": "git"
            },
            {
              "lessThan": "fd617ea3b79d2116d53f76cdb5a3601c0ba6e42f",
              "status": "affected",
              "version": "629568d25fea8ece4f65073f039aeef4e240ab67",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_queue.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.12"
            },
            {
              "lessThan": "6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.19",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.7",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix NULL Pointer Dereference in KFD queue\n\nThrough KFD IOCTL Fuzzing we encountered a NULL pointer derefrence\nwhen calling kfd_queue_acquire_buffers.\n\n(cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:25:12.026Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c3cbeafb4e0001d9146df50b470885e02664f3c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/33eb8041c5d6c19d46e7bfd23a031844336afd80"
        },
        {
          "url": "https://git.kernel.org/stable/c/fd617ea3b79d2116d53f76cdb5a3601c0ba6e42f"
        }
      ],
      "title": "drm/amdkfd: Fix NULL Pointer Dereference in KFD queue",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21940",
    "datePublished": "2025-04-01T15:41:05.977Z",
    "dateReserved": "2024-12-29T08:45:45.789Z",
    "dateUpdated": "2025-10-01T19:26:32.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-48508 (GCVE-0-2025-48508)

Vulnerability from cvelistv5 – Published: 2026-02-11 14:29 – Updated: 2026-02-11 15:43

Summary

Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service.

Severity ?

6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-1245 - Improper Finite State Machines (FSMs) in Hardware Logic

Assigner

AMD

References

URL

Tags

Impacted products

	Vendor	Product	Version
	AMD	AMD Radeon™ PRO V710	Unaffected: Contact your AMD Customer Engineering representative

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48508",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:36:43.278295Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:43:06.811Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-11T14:10:32.568Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service.\u003cbr\u003e"
            }
          ],
          "value": "Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1245",
              "description": "CWE-1245  Improper Finite State Machines (FSMs) in Hardware Logic",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:29:11.534Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48508",
    "datePublished": "2026-02-11T14:29:11.534Z",
    "dateReserved": "2025-05-22T16:34:02.896Z",
    "dateUpdated": "2026-02-11T15:43:06.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-26381 (GCVE-0-2021-26381)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:47 – Updated: 2026-02-11 14:11

Summary

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.

Severity ?

7.1 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

AMD

References

URL

Tags

	https://www.amd.com/en/resources/product-security…
	https://www.amd.com/en/resources/product-security…

Impacted products

Vendor

Product

Version

AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors

Unaffected: ChagallWSPI-sWRX8 1.0.0.2/ CastlePeakWSPI-sWRX8 1.0.0.9

AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2 PI 1.2.0.5
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.1
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5 1.0.0.E
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.8
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6 1.0.0.8
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2 PI 1.2.0.5
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4 V2 PI 1.2.0.8
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5 1.2.0.A
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: EmbAM4PI 1.0.0.2
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5 1.2.0.A
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: 120A
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.6
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: EmbeddedPI-FP7r2_0080
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact Your AMD Customer Engineering Represenatative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact Your AMD Customer Engineering Represenatative

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-26381",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T04:56:49.871Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.2/ CastlePeakWSPI-sWRX8 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4 V2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "120A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_0080"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact Your AMD Customer Engineering Represenatative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact Your AMD Customer Engineering Represenatative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-11T14:10:05.596Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.\u003cbr\u003e"
            }
          ],
          "value": "Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770  Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:11:54.692Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-26381",
    "datePublished": "2026-02-10T19:47:26.356Z",
    "dateReserved": "2021-01-29T21:24:26.159Z",
    "dateUpdated": "2026-02-11T14:11:54.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-31323 (GCVE-0-2023-31323)

Vulnerability from cvelistv5 – Published: 2026-02-12 17:45 – Updated: 2026-02-12 18:33

Summary

Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability.

Severity ?

8.4 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

CWE

CWE-843 - Access of Resource Using Incompatible Type (‘Type Confusion’)

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Radeon™ RX 5000 Series Graphics Products

Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)

AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
AMD	AMD Radeon™ VII	Affected: No fix planned
AMD	AMD Radeon™ PRO VII	Affected: No fix planned
AMD	AMD Instinct™ MI250	Unaffected: ROCm 6.2
AMD	AMD Instinct™ MI300A	Unaffected: ROCm 6.2
AMD	AMD Instinct™ MI210	Unaffected: ROCm 6.2
AMD	AMD Instinct™ MI300X	Unaffected: ROCm 6.2

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-31323",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T18:33:24.608813Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T18:33:47.900Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI250",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI210",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T17:44:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-843",
              "description": "CWE-843  Access of Resource Using Incompatible Type (\u2018Type Confusion\u2019)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T17:45:36.223Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-31323",
    "datePublished": "2026-02-12T17:45:12.151Z",
    "dateReserved": "2023-04-27T15:25:41.423Z",
    "dateUpdated": "2026-02-12T18:33:47.900Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-31313 (GCVE-0-2023-31313)

Vulnerability from cvelistv5 – Published: 2026-02-12 14:16 – Updated: 2026-02-12 21:13

Summary

An unintended proxy or intermediary in the AMD power management firmware (PMFW) could allow a privileged attacker to send malformed messages to the system management unit (SMU) potentially resulting in arbitrary code execution.

Severity ?

7.2 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CWE

CWE-441 - Unintended Proxy or Intermediary (?Confused Deputy?)

Assigner

AMD

References

URL

Tags

Impacted products

Vendor

Product

Version

AMD Instinct™ MI210

Unaffected: ROCm 6.4.2

AMD Instinct™ MI250

Unaffected: ROCm 6.4.2

Show details on NVD website