CVE-2022-23831

Summary

Insufficient validation of the IOCTL input buffer in AMD μProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service.

Affected Software

VendorProductVersion RangeStatus
AMDAMD μProfAMDuProf_FreeBSD_x64 < 3.6.549affected
AMDAMD μProfAMDuProf Windows < 3.6.839affected
AMDAMD μProfAMDuProf Linux < 3.6-449affected

Weaknesses

  • NA

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References