fkie_cve-2023-20510
Vulnerability from fkie_nvd
Published
2024-08-13 17:15
Modified
2024-12-12 20:28
Summary
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*",
              "matchCriteriaId": "F71B3286-B679-4DC0-BDD1-784AC5577094",
              "versionEndExcluding": "23.12.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6300m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C66880A-FB33-477D-93FD-C280A4547D66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3F898-5AB1-4E60-A086-ADCF33820154",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6450m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "863770A0-3A7F-43E3-98E5-77E42827FA6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6500_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC1F7CD2-7D13-48A9-A7CC-3547A1D241DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6500m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4FED1D5-F31A-44C9-9101-D70486CC6FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6550m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB12B48-ABF8-4FFB-BD4E-6413C34D477B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6550s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2D1C027-56B1-4EA7-842B-09B300B17808",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C24DE61-4036-42BF-A08F-67C234706703",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6600_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D9040F-1D1D-49E5-A60E-4393F5D76B60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6600m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76A792F-7026-4F29-9A00-3A2EAB2DE5FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6600s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33DAF63F-C468-438C-97C3-B6CE8BD12858",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6650_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82D4745-ACAB-4FC2-A63D-3B0FEA208BED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6650m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD80D674-1DD4-44E0-8C38-8341A7F392B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6650m_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10DD7029-9299-4901-A3D1-84D6102471B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F73C59A-CDE2-4203-921F-1831D4ACFD2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6700_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C980129B-D717-47F7-A6C1-5EB64FB1BF9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6700m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76C585C-FCC8-456D-A63C-7A769AF5EB07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6700s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0C52E8-26B1-4F77-B9D3-D08BFF72DAFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6750_gre:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49540C5D-CEC7-4BCB-882B-73843CAFD55A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6750_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9466279D-0582-464E-AFCC-20872CC99B56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12EF0B24-689D-4BE8-98D5-D88A84D5E473",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6800_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B58299A7-7CA4-4EF8-81DC-9A41AA84FB2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6800m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB218988-1483-4D96-9075-F79EDBC79974",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6800s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F14D5A16-F7BE-427A-98AB-2E120DB756DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6850m_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E128B2-A9B7-4A1C-9ACF-7EB323B72B6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6900_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC4A007-BEFD-4BF0-A176-7ECD6150041C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_rx_6950_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B658454-C160-4EBA-9F7A-E2B9FDEA8A1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*",
              "matchCriteriaId": "4397FD7C-3357-4F01-98F4-131000D23AA0",
              "versionEndIncluding": "23.q4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E68F7E-0A57-498A-9DB9-3D36045D671E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB91262-2EF4-4F0D-8B61-0012BD25E7A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3083C065-5A2C-4B2D-9C1F-5793BA3C0A52",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7557738A-5D93-4117-8FF2-9A27CD0E6BC5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service."
    },
    {
      "lang": "es",
      "value": "Una validaci\u00f3n de direcci\u00f3n DRAM insuficiente en PMFW puede permitir que un atacante privilegiado lea desde una direcci\u00f3n DRAM no v\u00e1lida a SRAM, lo que podr\u00eda provocar corrupci\u00f3n de datos o denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2023-20510",
  "lastModified": "2024-12-12T20:28:55.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 4.2,
        "source": "psirt@amd.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-13T17:15:18.777",
  "references": [
    {
      "source": "psirt@amd.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html"
    }
  ],
  "sourceIdentifier": "psirt@amd.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…