CVE-2024-21971

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 12, 2025

CWE ID 20

Summary

CVE-2024-21971 is a newly disclosed vulnerability affecting AMD Crash Defender. This issue arises due to improper input validation, which enables an attacker to supply an unauthorized Windows system process ID to a kernel-mode driver. Consequently, the operating system may crash, leading to potential denial of service (DoS) attacks. To mitigate this risk, affected users are advised to apply the forthcoming patch from AMD as soon as it becomes available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uA4mx_
https://www.cve.org/CVERecord?id=CVE-2024-21971
https://nvd.nist.gov/vuln/detail/CVE-2024-21971

Back to Vulnerability Database

CVE-2024-21971

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations