CVE-2023-20509

Summary

An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Radeon™ RX 6000 Series Graphics CardsAMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)unaffected
AMDAMD Radeon™ PRO W6000 Series Graphics CardsAMD Software: PRO Edition 23.Q4 (23.30.13.03)unaffected
AMDAMD Radeon™ RX 7000 Series Graphics CardsAMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)unaffected
AMDAMD Radeon™ PRO W7000 Series Graphics CardsAMD Software: PRO Edition 23.Q4 (23.30.13.03)unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References