mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
60 lines
1.8 KiB
JSON
60 lines
1.8 KiB
JSON
{
|
|
"id": "CVE-2024-36353",
|
|
"sourceIdentifier": "psirt@amd.com",
|
|
"published": "2025-03-02T18:15:34.033",
|
|
"lastModified": "2025-03-02T18:15:34.033",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values, potentially leading to loss of confidentiality."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una depuraci\u00f3n insuficiente de la memoria global de la GPU podr\u00eda permitir que un proceso malicioso que se ejecuta en la misma GPU lea valores de memoria restantes, lo que podr\u00eda provocar una p\u00e9rdida de confidencialidad."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "psirt@amd.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"exploitabilityScore": 2.0,
|
|
"impactScore": 4.0
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "psirt@amd.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-459"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6019.html",
|
|
"source": "psirt@amd.com"
|
|
}
|
|
]
|
|
} |