Arbitrary Code Execution Vulnerability in AMD Radeon™ Driver
CVE-2024-21972
5.3MEDIUM
Key Information
- Vendor
- Amd
- Status
- Amd Software: Adrenalin Edition
- Amd Software: Pro Edition
- Vendor
- CVE Published:
- 23 April 2024
Summary
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.
Affected Version(s)
AMD Software: Adrenalin Edition < 12.1.1
AMD Software: PRO Edition < 24.Q1
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database