Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
History

Fri, 11 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Amd uprof Tool
CPEs cpe:2.3:a:amd:uprof_tool:*:*:*:*:*:*:*:*
Vendors & Products Amd uprof Tool
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2023-08-08T17:13:50.810Z

Updated: 2024-10-10T19:09:22.207Z

Reserved: 2022-10-27T18:53:39.747Z

Link: CVE-2023-20562

cve-icon Vulnrichment

Updated: 2024-08-02T09:05:36.231Z

cve-icon NVD

Status : Modified

Published: 2023-08-08T18:15:11.467

Modified: 2024-11-21T07:41:07.423

Link: CVE-2023-20562

cve-icon Redhat

Severity : Important

Publid Date: 2023-08-08T06:30:00Z

Links: CVE-2023-20562 - Bugzilla