Insufficient Memory Clearance in AMD GPUs Exposes Confidential Data
CVE-2024-36353

6.5MEDIUM

Key Information:

Vendor
Amd
Vendor
CVE Published:
2 March 2025

Summary

A vulnerability exists in certain AMD GPUs due to insufficient clearing of global memory. This oversight could permit malicious processes operating on the same GPU to access residual memory values, therefore compromising data confidentiality. Users of affected AMD GPU models should review security advisories and apply best practices to mitigate risks.

Affected Version(s)

Radeon Software for Linux TBD

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.