CVE-2023-31310

MEDIUM5.0

Description

Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

Low

Affected products

AMD / AMD Radeon™ PRO W6000 Series Graphics CardsAMD Software: PRO Edition 23.Q4 (23.30.13.03) – AMD Software: PRO Edition 23.Q4 (23.30.13.03)
AMD / AMD Radeon™ RX 6000 Series Graphics CardsAMD Software: Adrenalin Edition 23.12.1 (23.30.13.01) – AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html