Amd Amd Ryzen™ 9000 Series Desktop Processors
25 CVEs affecting Amd Amd Ryzen™ 9000 Series Desktop Processors. Latest disclosed: 2026-05-19. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36324 | High | 8.8 | 2026-02-11 | Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution. |
CVE-2024-36342 | High | 8.8 | 2025-09-06 | Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
CVE-2024-36352 | High | 8.4 | 2025-09-06 | Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or… |
CVE-2024-36354 | High | 7.5 | 2025-09-06 | Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-comp… |
CVE-2025-0032 | High | 7.2 | 2025-09-06 | Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially res… |
CVE-2024-36353 | Medium | 6.5 | 2025-03-02 | Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss… |
CVE-2024-36347 | Medium | 6.4 | 2025-06-27 | Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, pot… |
CVE-2025-0010 | Medium | 6.1 | 2025-09-06 | An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity… |
CVE-2025-0009 | Medium | 5.5 | 2025-09-06 | A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss… |
CVE-2024-36343 | | 2026-05-19 | Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write… | |
CVE-2025-48516 | | 2026-05-15 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotec… | |
CVE-2024-21962 | | 2026-05-15 | Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation… | |
CVE-2026-0438 | | 2026-05-15 | A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active use… | |
CVE-2026-0432 | | 2026-05-15 | Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arb… | |
CVE-2025-0045 | | 2026-05-15 | Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting… | |
CVE-2024-36345 | | 2026-05-15 | Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, po… | |
CVE-2025-62625 | | 2026-05-14 | Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in un… | |
CVE-2025-62619 | | 2026-05-14 | Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, p… | |
CVE-2024-36315 | | 2026-05-13 | Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information… | |
CVE-2025-54502 | | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… |