CVE-2024-21975

Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:amd:ryzen_ai_software:*:*:*:*:*:*:*:*

History

15 Nov 2024, 19:15

Type Values Removed Values Added
References () https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html - () https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html - Vendor Advisory
First Time Amd ryzen Ai Software
Amd
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 7.8
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:amd:ryzen_ai_software:*:*:*:*:*:*:*:*

13 Nov 2024, 17:01

Type Values Removed Values Added
Summary
  • (es) Una validación de entrada incorrecta en el controlador NPU podría permitir que un atacante proporcione un puntero especialmente manipulado que podría conducir a la ejecución de código arbitrario.

12 Nov 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 18:15

Updated : 2024-11-15 19:15


NVD link : CVE-2024-21975

Mitre link : CVE-2024-21975

CVE.ORG link : CVE-2024-21975


JSON object : View

Products Affected

amd

  • ryzen_ai_software
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation