Integer Overflow Vulnerability in AMD NPU Driver
CVE-2024-36337

7.9HIGH

Key Information:

Vendor

Amd
Status
Amd Ryzen™ Ai Software
Vendor
CVE Published:
2 April 2025

What is CVE-2024-36337?

An integer overflow in the AMD NPU Driver can allow a local attacker to write data beyond allocated memory boundaries. This vulnerability can lead to significant security risks including unauthorized access to sensitive data, compromise of system integrity, and potential disruption of availability. Users of affected versions are advised to apply the latest security updates to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AMD Ryzen™ AI Software 1.3

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
7.9
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.