Malicious Message Denial of Service Vulnerability
CVE-2023-20513

3.3LOW

Key Information:

Vendor
Amd
Status
Amd Radeon™ Rx 6000 Series Graphics Cards
Amd Radeon™ Pro W6000 Series Graphics Cards
Vendor
CVE Published:
13 August 2024

Summary

The vulnerability in AMD's Power Management Firmware arises from an insufficient bounds check that can be exploited by an attacker. By utilizing a malicious virtualization function, an attacker may send a malformed message targeting the firmware. This exploitation could lead to a potential denial of service, disrupting normal operations and affecting system performance. It is essential for users to review their firmware versions and apply any available security measures as recommended by AMD.

Affected Version(s)

AMD Radeon™ PRO W6000 Series Graphics Cards AMD Software: PRO Edition 23.Q4 (23.30.13.03)

AMD Radeon™ RX 6000 Series Graphics Cards AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.