Vulnerability in Video Decoder Engine Firmware from AMD
CVE-2024-36319

6.3MEDIUM

Key Information:

Vendor

Amd
Status
Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics; amd Ryzen™ 8040 Series Mobile Processors With Radeon™ Graphics
Amd Ryzen™ Ai Max Series Processors
Amd Ryzen™ Ai 300 Series Processors
Amd Ryzen™ 8000 Series Desktop Processors
Vendor
CVE Published:
12 February 2026

What is CVE-2024-36319?

A vulnerability exists in AMD's Video Decoder Engine Firmware that stems from debug code being unnecessarily active. This flaw enables an attacker to send crafted commands, which could manipulate hardware registers. The potential consequences of this vulnerability include unauthorized access to sensitive information, disruption of system operations, and compromises to both system integrity and availability. Users of affected firmware versions should take immediate action to mitigate the risk associated with this exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AMD Instinct™ MI300A ROCm 6.2.4

AMD Instinct™ MI300X ROCm 6.2.4

AMD Instinct™ MI308X ROCm 6.2.4

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.