CVE-2024-36337

Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability.

CVSS v3 7.9 HIGH

7.9^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 5.3

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html

Configurations

No configuration.

History

07 Apr 2025, 14:18

Type	Values Removed	Values Added
Summary		(es) El desbordamiento entero dentro del conductor de la NPU de AMD podría permitir que un atacante local escriba desde los límites, lo que potencialmente conduce a la pérdida de confidencialidad, integridad o disponibilidad.

02 Apr 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-02 17:15

Updated : 2025-04-07 14:18

NVD link : CVE-2024-36337

Mitre link : CVE-2024-36337

CVE.ORG link : CVE-2024-36337

JSON object : View

Products Affected

No product.

CWE

CWE-190

Integer Overflow or Wraparound

7.9 /10