Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
History

Wed, 27 Nov 2024 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Amd radeon Software
Amd radeon Software For Hip
CPEs cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*
cpe:2.3:a:amd:radeon_software:*:*:*:*:cloud:*:*:*
cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*
cpe:2.3:a:amd:radeon_software_for_hip:*:*:*:*:pro:*:*:*
Vendors & Products Amd radeon Software
Amd radeon Software For Hip

Thu, 14 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd amd Software Adrenalin Edition
Amd amd Software Cloud Edition
Amd amd Software Pro Edition
CPEs cpe:2.3:a:amd:amd_software_adrenalin_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:amd:amd_software_cloud_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:amd:amd_software_pro_edition:*:*:*:*:*:*:*:*
Vendors & Products Amd
Amd amd Software Adrenalin Edition
Amd amd Software Cloud Edition
Amd amd Software Pro Edition
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 17:30:00 +0000

Type Values Removed Values Added
Description Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
Weaknesses CWE-276
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2024-11-12T17:14:20.641Z

Updated: 2024-11-14T16:26:04.560Z

Reserved: 2024-01-03T16:43:14.977Z

Link: CVE-2024-21937

cve-icon Vulnrichment

Updated: 2024-11-14T16:25:55.803Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-12T18:15:17.863

Modified: 2024-11-27T16:20:37.073

Link: CVE-2024-21937

cve-icon Redhat

No data.