CVE-2022-23831

Insufficient validation of the IOCTL input buffer in AMD µProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

01 May 2025, 15:15

Type Values Removed Values Added
CWE CWE-20

21 Nov 2024, 06:49

Type Values Removed Values Added
References () https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1046 - Vendor Advisory () https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1046 - Vendor Advisory

Information

Published : 2022-11-09 21:15

Updated : 2025-05-01 15:15


NVD link : CVE-2022-23831

Mitre link : CVE-2022-23831

CVE.ORG link : CVE-2022-23831


JSON object : View

Products Affected

freebsd

  • freebsd

amd

  • amd_uprof

linux

  • linux_kernel

microsoft

  • windows
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation