CVE-2023-20513

Description

An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Affected products

AMD / AMD Radeon™ PRO W6000 Series Graphics CardsAMD Software: PRO Edition 23.Q4 (23.30.13.03) – AMD Software: PRO Edition 23.Q4 (23.30.13.03)
AMD / AMD Radeon™ RX 6000 Series Graphics CardsAMD Software: Adrenalin Edition 23.12.1 (23.30.13.01) – AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html