Vulnerability in Amd Μprof

CVE-2022-23831

Insufficient validation of the IOCTL input buffer in AMD μProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service.

EPSS: 0.004 (60.3th percentile) — read the EPSS interpretation.

Affected products

Amd Μprof — versions AMDuProf_FreeBSD_x64, AMDuProf Windows, AMDuProf Linux

References

www.amd.com/en/corporate/product-security/bulletin/amd-sb-1046