CVE-2023-20510

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20510
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.

4.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*
OR cpe:2.3:h:amd:radeon_rx_6300m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6450m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6500_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6500m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6550m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6550s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650m_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_gre:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6850m_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6900_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6950_xt:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*
OR cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*
History

12 Dec 2024, 20:28

Type Values Removed Values Added
Summary
  • (es) Una validación de dirección DRAM insuficiente en PMFW puede permitir que un atacante privilegiado lea desde una dirección DRAM no válida a SRAM, lo que podría provocar corrupción de datos o denegación de servicio.
References () https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html - () https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html - Vendor Advisory
CPE cpe:2.3:h:amd:radeon_rx_6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650m_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6550s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_gre:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6900_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700m:-:*:*:*:*:*:*:*
cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*
cpe:2.3:h:amd:radeon_rx_6500m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6550m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6300m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6500_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6450m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600s:-:*:*:*:*:*:*:*
cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*
cpe:2.3:h:amd:radeon_rx_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6950_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6850m_xt:-:*:*:*:*:*:*:*
First Time Amd radeon Software
Amd radeon Rx 6600m
Amd radeon Pro W6600
Amd radeon Pro W6300
Amd radeon Rx 6650m
Amd radeon Rx 6750 Xt
Amd
Amd radeon Rx 6650m Xt
Amd radeon Rx 6750 Gre
Amd radeon Pro W6400
Amd radeon Rx 6800
Amd radeon Pro W6800
Amd radeon Rx 6300m
Amd radeon Rx 6900 Xt
Amd radeon Rx 6500m
Amd radeon Rx 6850m Xt
Amd radeon Rx 6700
Amd radeon Rx 6650 Xt
Amd radeon Rx 6950 Xt
Amd radeon Rx 6450m
Amd radeon Rx 6600 Xt
Amd radeon Rx 6800m
Amd radeon Rx 6400
Amd radeon Rx 6600s
Amd radeon Rx 6500 Xt
Amd radeon Rx 6800s
Amd radeon Rx 6700s
Amd radeon Rx 6700 Xt
Amd radeon Rx 6800 Xt
Amd radeon Rx 6550m
Amd radeon Rx 6700m
Amd radeon Rx 6600
Amd radeon Rx 6550s
CWE NVD-CWE-noinfo

13 Aug 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-08-13 17:15

Updated : 2024-12-12 20:28

NVD link : CVE-2023-20510

Mitre link : CVE-2023-20510

CVE.ORG link : CVE-2023-20510

JSON object : View

Products Affected

amd

  • radeon_rx_6700m
  • radeon_rx_6850m_xt
  • radeon_rx_6550s
  • radeon_rx_6550m
  • radeon_pro_w6800
  • radeon_rx_6700_xt
  • radeon_pro_w6400
  • radeon_rx_6700s
  • radeon_software
  • radeon_rx_6600_xt
  • radeon_rx_6800_xt
  • radeon_rx_6650_xt
  • radeon_rx_6750_xt
  • radeon_rx_6750_gre
  • radeon_rx_6800m
  • radeon_rx_6400
  • radeon_pro_w6300
  • radeon_rx_6600
  • radeon_rx_6900_xt
  • radeon_rx_6500m
  • radeon_rx_6300m
  • radeon_rx_6700
  • radeon_rx_6950_xt
  • radeon_rx_6800s
  • radeon_rx_6450m
  • radeon_pro_w6600
  • radeon_rx_6650m
  • radeon_rx_6800
  • radeon_rx_6600s
  • radeon_rx_6600m
  • radeon_rx_6500_xt
  • radeon_rx_6650m_xt
CWE
NVD-CWE-noinfo