CVE-2023-31306 | THREATINT

Description

Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.

PUBLISHED Reserved 2023-04-27 | Published 2025-09-06 | Updated 2025-09-08 | Assigner AMD

LOW: 3.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-129 Improper Validation of Array Index

Product status

Default status

affected

No fix planned

unaffected

Default status

affected

No fix planned

unaffected

Default status

affected

AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01)

unaffected

Default status

affected

AMD Software: PRO Edition 24.Q4 (24.20.30)

unaffected

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

References

www.amd.com/...es/product-security/bulletin/AMD-SB-6018.html

cve.org (CVE-2023-31306)

nvd.nist.gov (CVE-2023-31306)

Download JSON

help @ threatint.eu