Integer Overflow Vulnerability in AMD NPU Driver
CVE-2024-36337
7.9HIGH
Summary
An integer overflow in the AMD NPU Driver can allow a local attacker to write data beyond allocated memory boundaries. This vulnerability can lead to significant security risks including unauthorized access to sensitive data, compromise of system integrity, and potential disruption of availability. Users of affected versions are advised to apply the latest security updates to mitigate these risks.
Affected Version(s)
AMD Ryzen™ AI Software 1.3
References
CVSS V3.1
Score:
7.9
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved