Insufficient Memory Clearance in AMD GPUs Exposes Confidential Data
CVE-2024-36353
6.5MEDIUM
Summary
A vulnerability exists in certain AMD GPUs due to insufficient clearing of global memory. This oversight could permit malicious processes operating on the same GPU to access residual memory values, therefore compromising data confidentiality. Users of affected AMD GPU models should review security advisories and apply best practices to mitigate risks.
Affected Version(s)
Radeon Software for Linux TBD
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved