Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-31307

Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.

Published

2024-08-13T17:15:20.500

Last Modified

2024-12-13T16:30:30.840

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 2.3 (LOW)

Weaknesses

Type: Primary
CWE-129
Type: Secondary
CWE-129

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	amd	radeon_software	< 23.12.1	Yes
Hardware	amd	radeon_rx_6300m	-	No
Hardware	amd	radeon_rx_6400	-	No
Hardware	amd	radeon_rx_6450m	-	No
Hardware	amd	radeon_rx_6500_xt	-	No
Hardware	amd	radeon_rx_6500m	-	No
Hardware	amd	radeon_rx_6550m	-	No
Hardware	amd	radeon_rx_6550s	-	No
Hardware	amd	radeon_rx_6600	-	No
Hardware	amd	radeon_rx_6600_xt	-	No
Hardware	amd	radeon_rx_6600m	-	No
Hardware	amd	radeon_rx_6600s	-	No
Hardware	amd	radeon_rx_6650_xt	-	No
Hardware	amd	radeon_rx_6650m	-	No
Hardware	amd	radeon_rx_6650m_xt	-	No
Hardware	amd	radeon_rx_6700	-	No
Hardware	amd	radeon_rx_6700_xt	-	No
Hardware	amd	radeon_rx_6700m	-	No
Hardware	amd	radeon_rx_6700s	-	No
Hardware	amd	radeon_rx_6750_gre	-	No
Hardware	amd	radeon_rx_6750_xt	-	No
Hardware	amd	radeon_rx_6800	-	No
Hardware	amd	radeon_rx_6800_xt	-	No
Hardware	amd	radeon_rx_6800m	-	No
Hardware	amd	radeon_rx_6800s	-	No
Hardware	amd	radeon_rx_6850m_xt	-	No
Hardware	amd	radeon_rx_6900_xt	-	No
Hardware	amd	radeon_rx_6950_xt	-	No
Application	amd	radeon_software	≤ 23.q4	Yes
Hardware	amd	radeon_pro_w6300	-	No
Hardware	amd	radeon_pro_w6400	-	No
Hardware	amd	radeon_pro_w6600	-	No
Hardware	amd	radeon_pro_w6800	-	No

References

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html Vendor Advisory ([email protected])