CVE-2023-31366

Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:amd:uprof::::::linux::*
	cpe:2.3:a:amd:uprof::::::freebsd::*
	cpe:2.3:a:amd:uprof::::::windows::*

History

12 Dec 2024, 01:21

Type	Values Removed	Values Added
Summary	~~(en) Improper input validation in AMD ?Prof could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.~~	(en) Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.

03 Dec 2024, 18:30

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
Summary	~~(en) Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.~~	(en) Improper input validation in AMD ?Prof could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.
CPE		cpe:2.3:a:amd:uprof::::::freebsd::* cpe:2.3:a:amd:uprof::::::linux::* cpe:2.3:a:amd:uprof::::::windows::*
References	~~() https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 -~~	() https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 - Vendor Advisory
First Time		Amd Amd uprof

14 Aug 2024, 17:15

Type	Values Removed	Values Added
Summary		(es) Una validación de entrada incorrecta en AMD ?Prof podría permitir que un atacante realice una escritura en una dirección no válida, lo que podría resultar en una denegación de servicio.
Summary	~~(en) Improper input validation in AMD ?Prof could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.~~	(en) Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.

14 Aug 2024, 02:07

Type	Values Removed	Values Added
Summary	~~(en) Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.~~	(en) Improper input validation in AMD ?Prof could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.

13 Aug 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-13 17:15

Updated : 2024-12-12 01:21

NVD link : CVE-2023-31366

Mitre link : CVE-2023-31366

CVE.ORG link : CVE-2023-31366

JSON object : View

Products Affected

amd

uprof

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

3.3 /10