CVE-2024-36342: Intel GPU Driver Heap Overflow Arbitrary Code Execution
CVE-2024-36342 Published on September 6, 2025

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.

NVD

Vulnerability Analysis

CVE-2024-36342 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

Improper Validation of Specified Index, Position, or Offset in Input

The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.


Products Associated with CVE-2024-36342

stack.watch emails you whenever new vulnerabilities are published in Intel Graphics Driver or Google Chrome. Just hit a watch button to start following.

Intel Graphics Driver
 
Google Chrome
 

Affected Versions

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics: AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics: AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 7000 Series Desktop Processors: AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ AI 300 Series Processors: AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics: AMD Ryzen™ 8000 Series Desktop Processors: AMD Ryzen™ 9000 Series Desktop Processors: AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 4000 Series Desktop Processors: AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics: AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics: AMD Ryzen™ Embedded R2000 Series Processors: AMD Ryzen™ Embedded V2000 Series Processors: AMD Ryzen™ Embedded 8000 Series: AMD Ryzen™ Embedded 7000 Series Processors: AMD Radeon™ RX 5000 Series Graphics Products: AMD Radeon™ PRO W5000 Series Graphics Products: AMD Radeon™ RX 6000 Series Graphics Products: AMD Radeon™ PRO W6000 Series Graphics Products: AMD Radeon™ RX 7000 Series Graphics Products: AMD Radeon™ PRO W7000 Series Graphics Products: AMD Radeon™ RX 9000 Series Graphics Products: AMD Radeon™ RX Vega Series Graphics Cards: AMD Radeon™ PRO VII: AMD Instinct™ MI210: AMD Instinct™ MI250: AMD Instinct™ MI300A: AMD Instinct™ MI300X: AMD Instinct™ MI308X: AMD Instinct™ MI325X: AMD Radeon™ PRO V520 Graphics Products: AMD Radeon™ PRO V620 Graphics Products: AMD Radeon™ PRO V710 Graphics Products:

Exploit Probability

EPSS
0.03%
Percentile
8.06%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.