CVE-2024-36324

Summary

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics;
AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 7000 Series Desktop Processors;
AMD Ryzen™ 8000 Series Desktop Processors;
AMD Ryzen™ 9000 Series Desktop ProcessorsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 9000HX Series Mobile Processors (formerly codenamed “Fire Range”)AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ Al Max+AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Ryzen™ Embedded 7000 Series ProcessorsQ2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)unaffected
AMDAMD Ryzen™ Embedded 9000 Series ProcessorsQ2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)unaffected
AMDAMD Ryzen™ Embedded 8000 Series ProcessorsQ2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)unaffected
AMDAMD Radeon™ RX 5000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ PRO W5000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ RX 6000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ PRO W6000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ RX 7000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ PRO W7000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ RX 9000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)unaffected
AMDAMD Radeon™ PRO V520Contact your AMD Customer Engineering representativeunaffected
AMDAMD Radeon™ PRO V620Contact your AMD Customer Engineering representativeunaffected
AMDAMD Radeon™ PRO V710Contact your AMD Customer Engineering representativeunaffected
AMDV620/NV21hotfix5unaffected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References