Out-of-Bounds Memory Read Vulnerability in PMFW Could Lead to Denial of Service
CVE-2023-31307
4.4MEDIUM
Key Information:
- Vendor
- Amd
- Status
- Amd Radeon™ Rx 6000 Series Graphics Cards
- Amd Radeon™ Pro W6000 Series Graphics Cards
- Vendor
- CVE Published:
- 13 August 2024
Summary
An improper validation vulnerability exists within the Power Management Firmware used in AMD products. A privileged attacker can exploit this weakness to initiate an out-of-bounds memory read. This can potentially disrupt services, leading to a denial of service condition. Users of the firmware should be aware of the implications of this vulnerability and consider measures to mitigate the risks associated with it.
Affected Version(s)
AMD Radeon™ PRO W6000 Series Graphics Cards AMD Software: PRO Edition 23.Q4 (23.30.13.03)
AMD Radeon™ RX 6000 Series Graphics Cards AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database