Amd Amd Ryzen™ Ai 300 Series Processors
22 CVEs affecting Amd Amd Ryzen™ Ai 300 Series Processors. Latest disclosed: 2026-05-19. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36324 | High | 8.8 | 2026-02-11 | Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution. |
CVE-2024-36342 | High | 8.8 | 2025-09-06 | Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
CVE-2024-36326 | High | 8.4 | 2025-09-06 | Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting i… |
CVE-2025-0032 | High | 7.2 | 2025-09-06 | Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially res… |
CVE-2025-0010 | Medium | 6.1 | 2025-09-06 | An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity… |
CVE-2024-36343 | | 2026-05-19 | Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write… | |
CVE-2025-48516 | | 2026-05-15 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotec… | |
CVE-2025-0044 | | 2026-05-15 | An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentialit… | |
CVE-2024-21962 | | 2026-05-15 | Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation… | |
CVE-2026-0438 | | 2026-05-15 | A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active use… | |
CVE-2026-0432 | | 2026-05-15 | Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arb… | |
CVE-2025-0045 | | 2026-05-15 | Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting… | |
CVE-2024-36345 | | 2026-05-15 | Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, po… | |
CVE-2025-62625 | | 2026-05-14 | Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in un… | |
CVE-2025-62619 | | 2026-05-14 | Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, p… | |
CVE-2025-54502 | | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… | |
CVE-2024-36319 | | 2026-02-12 | Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to per… | |
CVE-2025-52533 | | 2026-02-12 | Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentia… | |
CVE-2025-48518 | | 2026-02-11 | Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of s… | |
CVE-2024-36320 | | 2026-02-11 | Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and… |