CVE-2023-31307

Published Aug 13, 2024

Last updated 5 months ago

CVSS low 2.3

Overview

Description: Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.
Source: psirt@amd.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.4
Impact score: 3.6
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-129
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-129

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F71B3286-B679-4DC0-BDD1-784AC5577094",
            "versionEndExcluding": "23.12.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6300m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6C66880A-FB33-477D-93FD-C280A4547D66"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CD3F898-5AB1-4E60-A086-ADCF33820154"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6450m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "863770A0-3A7F-43E3-98E5-77E42827FA6B"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6500_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC1F7CD2-7D13-48A9-A7CC-3547A1D241DB"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6500m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E4FED1D5-F31A-44C9-9101-D70486CC6FC7"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6550m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DEB12B48-ABF8-4FFB-BD4E-6413C34D477B"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6550s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E2D1C027-56B1-4EA7-842B-09B300B17808"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C24DE61-4036-42BF-A08F-67C234706703"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6600_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "03D9040F-1D1D-49E5-A60E-4393F5D76B60"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6600m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A76A792F-7026-4F29-9A00-3A2EAB2DE5FC"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6600s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "33DAF63F-C468-438C-97C3-B6CE8BD12858"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6650_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A82D4745-ACAB-4FC2-A63D-3B0FEA208BED"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6650m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FD80D674-1DD4-44E0-8C38-8341A7F392B1"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6650m_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10DD7029-9299-4901-A3D1-84D6102471B9"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F73C59A-CDE2-4203-921F-1831D4ACFD2A"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6700_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C980129B-D717-47F7-A6C1-5EB64FB1BF9A"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6700m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B76C585C-FCC8-456D-A63C-7A769AF5EB07"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6700s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FC0C52E8-26B1-4F77-B9D3-D08BFF72DAFB"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6750_gre:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49540C5D-CEC7-4BCB-882B-73843CAFD55A"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6750_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9466279D-0582-464E-AFCC-20872CC99B56"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12EF0B24-689D-4BE8-98D5-D88A84D5E473"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6800_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B58299A7-7CA4-4EF8-81DC-9A41AA84FB2A"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6800m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB218988-1483-4D96-9075-F79EDBC79974"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6800s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F14D5A16-F7BE-427A-98AB-2E120DB756DC"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6850m_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "82E128B2-A9B7-4A1C-9ACF-7EB323B72B6F"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6900_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BFC4A007-BEFD-4BF0-A176-7ECD6150041C"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_rx_6950_xt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3B658454-C160-4EBA-9F7A-E2B9FDEA8A1E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4397FD7C-3357-4F01-98F4-131000D23AA0",
            "versionEndIncluding": "23.q4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "85E68F7E-0A57-498A-9DB9-3D36045D671E"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1DB91262-2EF4-4F0D-8B61-0012BD25E7A8"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3083C065-5A2C-4B2D-9C1F-5793BA3C0A52"
          },
          {
            "criteria": "cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7557738A-5D93-4117-8FF2-9A27CD0E6BC5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References