Radeon software

This hub aggregates every CVE we track for Radeon software, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Radeon software.

• CVE-2024-36333A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.7.8May 15, 2026
• CVE-2023-20548A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.7.8Feb 11, 2026
• CVE-2023-31324A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they ...7.8Feb 11, 2026
• CVE-2024-21937Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.7.3Nov 12, 2024
• CVE-2023-31307Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.2.3Aug 13, 2024
• CVE-2023-20510An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.4.7Aug 13, 2024
• CVE-2021-26367A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrit...5.7Aug 13, 2024
• CVE-2023-31320Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service. 7.5Nov 14, 2023
• CVE-2023-20568Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature pot...6.7Nov 14, 2023
• CVE-2023-20567Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signatur...6.7Nov 14, 2023
• CVE-2021-46748Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potentia...5.5Nov 14, 2023
• CVE-2023-20598 An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical...7.8Oct 17, 2023
• CVE-2023-20586Radeon™ Software Crimson ReLive Edition9.8Aug 8, 2023
• CVE-2021-26392Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loadin...7.8Nov 9, 2022
• CVE-2021-26360An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s...7.8Nov 9, 2022