CVE-2024-36336

Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability.

CVSS v3 7.9 HIGH

7.9^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 5.3

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html

Configurations

No configuration.

History

No history.

Information

Published : 2025-04-02 17:15

Updated : 2025-04-07 14:18

NVD link : CVE-2024-36336

Mitre link : CVE-2024-36336

CVE.ORG link : CVE-2024-36336

JSON object : View

Products Affected

No product.

CWE

CWE-190

Integer Overflow or Wraparound

7.9 /10