CVE-2023-31325

Description

Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Affected products

AMD / AMD Radeon™ PRO W7000 Series Graphics ProductsAMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Radeon™ RX 7000 Series Graphics ProductsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.1.0.0 – PhoenixPI-FP8-FP7_1.1.0.0
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5 1.1.0.1 – ComboAM5 1.1.0.1

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html
MISChttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html