fkie_cve-2023-20510
Vulnerability from fkie_nvd
Published
2024-08-13 17:15
Modified
2024-12-12 20:28
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@amd.com | https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*", "matchCriteriaId": "F71B3286-B679-4DC0-BDD1-784AC5577094", "versionEndExcluding": "23.12.1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:amd:radeon_rx_6300m:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C66880A-FB33-477D-93FD-C280A4547D66", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CD3F898-5AB1-4E60-A086-ADCF33820154", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6450m:-:*:*:*:*:*:*:*", "matchCriteriaId": "863770A0-3A7F-43E3-98E5-77E42827FA6B", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6500_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC1F7CD2-7D13-48A9-A7CC-3547A1D241DB", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6500m:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4FED1D5-F31A-44C9-9101-D70486CC6FC7", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6550m:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEB12B48-ABF8-4FFB-BD4E-6413C34D477B", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6550s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2D1C027-56B1-4EA7-842B-09B300B17808", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C24DE61-4036-42BF-A08F-67C234706703", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6600_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "03D9040F-1D1D-49E5-A60E-4393F5D76B60", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6600m:-:*:*:*:*:*:*:*", "matchCriteriaId": "A76A792F-7026-4F29-9A00-3A2EAB2DE5FC", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6600s:-:*:*:*:*:*:*:*", "matchCriteriaId": "33DAF63F-C468-438C-97C3-B6CE8BD12858", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6650_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "A82D4745-ACAB-4FC2-A63D-3B0FEA208BED", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6650m:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD80D674-1DD4-44E0-8C38-8341A7F392B1", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6650m_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "10DD7029-9299-4901-A3D1-84D6102471B9", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6700:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F73C59A-CDE2-4203-921F-1831D4ACFD2A", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6700_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "C980129B-D717-47F7-A6C1-5EB64FB1BF9A", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6700m:-:*:*:*:*:*:*:*", "matchCriteriaId": "B76C585C-FCC8-456D-A63C-7A769AF5EB07", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC0C52E8-26B1-4F77-B9D3-D08BFF72DAFB", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6750_gre:-:*:*:*:*:*:*:*", "matchCriteriaId": "49540C5D-CEC7-4BCB-882B-73843CAFD55A", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6750_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "9466279D-0582-464E-AFCC-20872CC99B56", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "12EF0B24-689D-4BE8-98D5-D88A84D5E473", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6800_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "B58299A7-7CA4-4EF8-81DC-9A41AA84FB2A", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6800m:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB218988-1483-4D96-9075-F79EDBC79974", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6800s:-:*:*:*:*:*:*:*", "matchCriteriaId": "F14D5A16-F7BE-427A-98AB-2E120DB756DC", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6850m_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "82E128B2-A9B7-4A1C-9ACF-7EB323B72B6F", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6900_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFC4A007-BEFD-4BF0-A176-7ECD6150041C", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_rx_6950_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B658454-C160-4EBA-9F7A-E2B9FDEA8A1E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*", "matchCriteriaId": "4397FD7C-3357-4F01-98F4-131000D23AA0", "versionEndIncluding": "23.q4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "85E68F7E-0A57-498A-9DB9-3D36045D671E", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DB91262-2EF4-4F0D-8B61-0012BD25E7A8", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "3083C065-5A2C-4B2D-9C1F-5793BA3C0A52", "vulnerable": false }, { "criteria": "cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "7557738A-5D93-4117-8FF2-9A27CD0E6BC5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service." }, { "lang": "es", "value": "Una validaci\u00f3n de direcci\u00f3n DRAM insuficiente en PMFW puede permitir que un atacante privilegiado lea desde una direcci\u00f3n DRAM no v\u00e1lida a SRAM, lo que podr\u00eda provocar corrupci\u00f3n de datos o denegaci\u00f3n de servicio." } ], "id": "CVE-2023-20510", "lastModified": "2024-12-12T20:28:55.010", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 0.5, "impactScore": 4.2, "source": "psirt@amd.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-08-13T17:15:18.777", "references": [ { "source": "psirt@amd.com", "tags": [ "Vendor Advisory" ], "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html" } ], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…