CVE-2023-31320 — Improper Input Validation in AMD Radeon PRO W5000 W6000 W7000 Series Graphics Cards

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.5HIGHNVD

EPSS

5.2%

top 10.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AMD Radeon Software AMD Radeon PRO W5000 W6000 W7000 Series Graphics Cards AMD Radeon PRO WX Vega Series Graphics Cards +2 more

Timeline

PublishedNov 14

Description

Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶CVEListV5amd/radeon_rx_vega_series_graphics_cardsvarious

▶CVEListV5amd/radeon_pro_wx_vega_series_graphics_cardsvarious

▶CVEListV5amd/radeon_rx_5000_6000_7000_series_graphics_cardsvarious

▶CVEListV5amd/radeon_pro_w5000_w6000_w7000_series_graphics_cardsvarious

▶NVDamd/radeon_software< 23.7.1+1

🔴Vulnerability Details

GHSA

GHSA-v4fc-x53w-j3j2: Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of↗2023-11-14

▶

CVEList

CVE-2023-31320: Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of↗2023-11-14

▶