CVE-2023-20601

Summary

Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Radeon™ PRO VIIAMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)unaffected
AMDAMD Radeon™ VIIAMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)unaffected

Weaknesses

  • CWE-129: CWE-129 Improper Validation of Array Index

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References