CVE-2023-20562

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:41

Type Values Removed Values Added
References () https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 - Patch, Vendor Advisory () https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 - Patch, Vendor Advisory

Information

Published : 2023-08-08 18:15

Updated : 2024-11-21 07:41


NVD link : CVE-2023-20562

Mitre link : CVE-2023-20562

CVE.ORG link : CVE-2023-20562


JSON object : View

Products Affected

amd

  • amd_uprof

linux

  • linux_kernel

microsoft

  • windows