Potential Loss of Availability Due to Improper Input Validation in SMU
CVE-2023-31304

2.3LOW

Key Information:

Vendor

Amd
Status
Amd Radeon™ Rx 6000 Series Graphics Cards
Amd Radeon™ Pro W6000 Series Graphics Cards
Vendor
CVE Published:
13 August 2024

What is CVE-2023-31304?

The vulnerability in AMD's System Management Unit (SMU) arises from improper input validation, which can be exploited by an attacker with privileges who has compromised a physical function (PF). This flaw allows the manipulation of PCIe lane count and speed settings, which could lead to significant availability issues. Organizations utilizing affected AMD components must take precautionary measures to mitigate potential risks and ensure system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AMD Radeon™ PRO W6000 Series Graphics Cards AMD Software: PRO Edition 23.Q4 (23.30.13.03)

AMD Radeon™ RX 6000 Series Graphics Cards AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
2.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.