CVE-2023-20556

Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.
References
Link Resource
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 Mitigation Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

07 Nov 2023, 04:06

Type Values Removed Values Added
Summary Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.

14 Aug 2023, 13:22

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
References (MISC) https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 - (MISC) https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 - Mitigation, Patch, Vendor Advisory
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
First Time Microsoft
Amd
Amd amd Uprof
Linux
Linux linux Kernel
Microsoft windows

08 Aug 2023, 18:33

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-08 18:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-20556

Mitre link : CVE-2023-20556

CVE.ORG link : CVE-2023-20556


JSON object : View

Products Affected

linux

  • linux_kernel

microsoft

  • windows

amd

  • amd_uprof