6
CVE-2024-36346
- EPSS 0.02%
- Published 06.09.2025 17:43:14
- Last modified 08.09.2025 16:25:38
- Source psirt@amd.com
- Teams watchlist Login
- Open Login
Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorAMD
≫
Product
AMD Instinct™ MI300A
Default Statusaffected
Version
BKC 21
Status
unaffected
VendorAMD
≫
Product
AMD Instinct™ MI300X
Default Statusaffected
Version
BKC 24.13
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.038 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| psirt@amd.com | 6 | 1.5 | 4 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
|
CWE-1284 Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.