Improper Array Index Validation in AMD Graphics Driver
CVE-2023-31306

3.3LOW

Key Information:

Vendor: Amd
Status: Amd Radeon™ Rx 5000 Series Graphics Products; Amd Radeon™ Pro W5000 Series Graphics Products; Amd Radeon™ Rx 6000 Series Graphics Products; Amd Radeon™ Pro W6000 Series Graphics Products
Vendor: CVE Published:; 6 September 2025

What is CVE-2023-31306?

The vulnerability stems from inadequate validation of an array index in the AMD graphics driver software. This oversight allows attackers to provide malformed arguments to the dynamic power management (DPM) functions, which can lead to out-of-bounds reading. As a consequence, this may result in a loss of availability, potentially compromising the functionality of systems utilizing affected AMD graphics drivers.

Affected Version(s)

AMD Radeon™ PRO V520 Graphics Products Contact your AMD Customer Engineering representative

AMD Radeon™ PRO V620 Graphics Products Contact your AMD Customer Engineering representative

AMD Radeon™ PRO W5000 Series Graphics Products No fix planned

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2025
Vulnerability Reserved
Apr 27, 2023

Amd

What is CVE-2023-31306?

Affected Version(s)

References

CVSS V3.1

Timeline