Integer Overflow Vulnerability in AMD NPU Driver
CVE-2024-36328

7.3HIGH

Key Information:

Vendor
Amd
Vendor
CVE Published:
2 April 2025

Summary

An integer overflow vulnerability exists in the AMD NPU Driver, which may allow a local attacker to execute code outside of intended memory boundaries. This weakness could potentially compromise the integrity and availability of the system, highlighting the importance of timely updates and patches to mitigate associated risks.

Affected Version(s)

AMD Ryzen™ AI Software 1.3

References

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.