4.4
CVE-2023-31307
- EPSS 0.06%
- Published 13.08.2024 17:15:20
- Last modified 13.12.2024 16:30:30
- Source psirt@amd.com
- Teams watchlist Login
- Open Login
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.
Data is provided by the National Vulnerability Database (NVD)
Amd ≫ Radeon Software SwEditionadrenalin Version < 23.12.1
Amd ≫ Radeon Rx 6300m Version-
Amd ≫ Radeon Rx 6400 Version-
Amd ≫ Radeon Rx 6450m Version-
Amd ≫ Radeon Rx 6500 Xt Version-
Amd ≫ Radeon Rx 6500m Version-
Amd ≫ Radeon Rx 6550m Version-
Amd ≫ Radeon Rx 6550s Version-
Amd ≫ Radeon Rx 6600 Version-
Amd ≫ Radeon Rx 6600 Xt Version-
Amd ≫ Radeon Rx 6600m Version-
Amd ≫ Radeon Rx 6600s Version-
Amd ≫ Radeon Rx 6650 Xt Version-
Amd ≫ Radeon Rx 6650m Version-
Amd ≫ Radeon Rx 6650m Xt Version-
Amd ≫ Radeon Rx 6700 Version-
Amd ≫ Radeon Rx 6700 Xt Version-
Amd ≫ Radeon Rx 6700m Version-
Amd ≫ Radeon Rx 6700s Version-
Amd ≫ Radeon Rx 6750 Gre Version-
Amd ≫ Radeon Rx 6750 Xt Version-
Amd ≫ Radeon Rx 6800 Version-
Amd ≫ Radeon Rx 6800 Xt Version-
Amd ≫ Radeon Rx 6800m Version-
Amd ≫ Radeon Rx 6800s Version-
Amd ≫ Radeon Rx 6850m Xt Version-
Amd ≫ Radeon Rx 6900 Xt Version-
Amd ≫ Radeon Rx 6950 Xt Version-
Amd ≫ Radeon Rx 6400 Version-
Amd ≫ Radeon Rx 6450m Version-
Amd ≫ Radeon Rx 6500 Xt Version-
Amd ≫ Radeon Rx 6500m Version-
Amd ≫ Radeon Rx 6550m Version-
Amd ≫ Radeon Rx 6550s Version-
Amd ≫ Radeon Rx 6600 Version-
Amd ≫ Radeon Rx 6600 Xt Version-
Amd ≫ Radeon Rx 6600m Version-
Amd ≫ Radeon Rx 6600s Version-
Amd ≫ Radeon Rx 6650 Xt Version-
Amd ≫ Radeon Rx 6650m Version-
Amd ≫ Radeon Rx 6650m Xt Version-
Amd ≫ Radeon Rx 6700 Version-
Amd ≫ Radeon Rx 6700 Xt Version-
Amd ≫ Radeon Rx 6700m Version-
Amd ≫ Radeon Rx 6700s Version-
Amd ≫ Radeon Rx 6750 Gre Version-
Amd ≫ Radeon Rx 6750 Xt Version-
Amd ≫ Radeon Rx 6800 Version-
Amd ≫ Radeon Rx 6800 Xt Version-
Amd ≫ Radeon Rx 6800m Version-
Amd ≫ Radeon Rx 6800s Version-
Amd ≫ Radeon Rx 6850m Xt Version-
Amd ≫ Radeon Rx 6900 Xt Version-
Amd ≫ Radeon Rx 6950 Xt Version-
Amd ≫ Radeon Software SwEditionpro Version <= 23.q4
Amd ≫ Radeon Pro W6300 Version-
Amd ≫ Radeon Pro W6400 Version-
Amd ≫ Radeon Pro W6600 Version-
Amd ≫ Radeon Pro W6800 Version-
Amd ≫ Radeon Pro W6400 Version-
Amd ≫ Radeon Pro W6600 Version-
Amd ≫ Radeon Pro W6800 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.193 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
| psirt@amd.com | 2.3 | 0.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.