Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service.
History

Fri, 13 Dec 2024 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Amd uprof
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:amd:uprof:*:*:*:*:*:freebsd:*:*
cpe:2.3:a:amd:uprof:*:*:*:*:*:linux:*:*
cpe:2.3:a:amd:uprof:*:*:*:*:*:windows:*:*
Vendors & Products Amd uprof

Tue, 13 Aug 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd amd Uprof
CPEs cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*
Vendors & Products Amd
Amd amd Uprof
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 13 Aug 2024 17:15:00 +0000

Type Values Removed Values Added
Description Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service.
Weaknesses CWE-284
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2024-08-13T16:57:07.052Z

Updated: 2024-08-13T17:51:06.170Z

Reserved: 2023-04-27T15:25:41.425Z

Link: CVE-2023-31341

cve-icon Vulnrichment

Updated: 2024-08-13T17:50:54.454Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-13T17:15:21.087

Modified: 2024-12-13T16:22:04.967

Link: CVE-2023-31341

cve-icon Redhat

No data.