Heap Overflow Vulnerability in AMD GPU Driver
CVE-2024-36342

8.8HIGH

Key Information:

Vendor: Amd
Status: Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics; Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics
Vendor: CVE Published:; 6 September 2025

What is CVE-2024-36342?

The AMD GPU driver has a vulnerability due to improper input validation, which could lead to a heap overflow. This flaw allows malicious actors to potentially execute arbitrary code, posing a significant risk to systems utilizing the impacted driver versions. It is crucial for users to apply patches and updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Radeon Software for Linux 25.10.x

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Radeon Software for Linux 25.10.x

AMD Instinct™ MI210 ROCm 6.4

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2025
Vulnerability Reserved
May 23, 2024

Credit

Reported through AMD Bug Bounty Program

Amd

What is CVE-2024-36342?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit