Improper Input Validation in AMD Radeon Graphics Driver
CVE-2023-31320

7.5HIGH

Key Information:

Vendor: AMD
Status: Radeon™ RX 5000/6000/7000 Series Graphics Cards; Radeon™ PRO W5000/W6000/W7000 Series Graphics Cards; Radeon™ RX Vega Series Graphics Cards; Radeon™ PRO WX Vega Series Graphics Cards
Vendor: CVE Published:; 14 November 2023

Badges

👾 Exploit Exists🟡 Public PoC

Summary

An improper input validation vulnerability exists in the AMD Radeon Graphics display driver, which could potentially allow an attacker to exploit the system. This exploitation may lead to a corruption of the display output, thereby resulting in a denial of service condition. Users and administrators should ensure they are using the latest version of the driver and apply any recommended patches to safeguard their systems.

Affected Version(s)

Radeon™ PRO W5000/W6000/W7000 Series Graphics Cards x86 various

Radeon™ PRO WX Vega Series Graphics Cards x86 various

Radeon™ RX 5000/6000/7000 Series Graphics Cards x86 various

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-31320
Created by whypet

References

https://www.amd.com/en/corporate/product-security/bulleti...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2023
🟡
Public PoC available
Aug 22, 2023
👾
Exploit known to exist
Aug 22, 2023
Vulnerability Reserved
Apr 27, 2023