#VU96643 Input validation error in AMD products - CVE-2023-20510
Published: August 30, 2024
Vulnerability identifier: #VU96643
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-20510
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
AMD Instinct MI100
AMD Radeon Instinct MI25
AMD Radeon PRO V520
AMD Radeon PRO V620
Radeon RX 6000 Series
Radeon PRO W6000 Series
AMD Instinct MI100
AMD Radeon Instinct MI25
AMD Radeon PRO V520
AMD Radeon PRO V620
Radeon RX 6000 Series
Radeon PRO W6000 Series
Software vendor:
AMD
AMD
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient DRAM address validation in PMFW. A local user can perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.