Vulnerability in Amd Μprof

CVE-2022-27674

Insufficient validation in the IOCTL input/output buffer in AMD μProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service.

EPSS: 0.004 (60.3th percentile) — read the EPSS interpretation.

Affected products

Amd Μprof — versions AMDuProf_FreeBSD_x64, AMDuProf Windows, AMDuProf Linux

References

www.amd.com/en/corporate/product-security/bulletin/amd-sb-1046