CVE-2023-31306
3.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | AMD Radeon™ RX 5000 Series Graphics Products | No fix planned | unaffected |
| AMD | AMD Radeon™ PRO W5000 Series Graphics Products | No fix planned | unaffected |
| AMD | AMD Radeon™ RX 6000 Series Graphics Products | AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01) | unaffected |
| AMD | AMD Radeon™ PRO W6000 Series Graphics Products | AMD Software: PRO Edition 24.Q4 (24.20.30) | unaffected |
| AMD | AMD Radeon™ PRO V520 Graphics Products | Contact your AMD Customer Engineering representative | unaffected |
| AMD | AMD Radeon™ PRO V620 Graphics Products | Contact your AMD Customer Engineering representative | unaffected |
Weaknesses
- CWE-129: CWE-129 Improper Validation of Array Index
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.