CVE-2024-36353

Summary

Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 9000HX Series ProcessorsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ AI Max 300 Series ProcessorsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ Z2 Series Processors ExtremeRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 4000 Series Desktop ProcessorsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsRadeon Software For Linux 25.10.1unaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsRadeon Software For Linux 25.10.1unaffected
AMDRyzen™ Embedded R1000Kernel 6.12.25 LTSunaffected
AMDRyzen™ Embedded R2000Kernel 6.12.25 LTSunaffected
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed “Raven Ridge”)Kernel 6.12.25 LTSunaffected
AMDRyzen™ Embedded V2000Kernel 6.12.25 LTSunaffected
AMDRyzen™ Embedded V3000Kernel 6.12.25 LTSunaffected
AMDAMD Ryzen Embedded V2000A Series ProcessorsKernel 6.12.25 LTSunaffected
AMDAMD Radeon™ RX 5000/PRO W5000 Series Graphics ProductsRadeon Software For Linux 25.10.1unaffected
AMDAMD Radeon™ RX6000/PRO W6000 Series Graphics ProductsRadeon Software For Linux 25.10.1unaffected
AMDAMD Radeon™ RX 7000/PRO W7000 Series Graphics ProductsRadeon Software For Linux 25.10.1unaffected
AMDAMD Radeon™ PRO V520Contact your AMD Customer Engineering representativeunaffected
AMDAMD Radeon™ PRO V620Contact your AMD Customer Engineering representativeunaffected
AMDAMD Radeon™ PRO V710Contact your AMD Customer Engineering representativeunaffected

Weaknesses

  • CWE-459: CWE-459 Incomplete Cleanup

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References