Vulnerability in Amd Radeon™ Pro Vii

CVE-2023-20601

Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.

EPSS: 0.000 (1.4th percentile) — read the EPSS interpretation.

Affected products

Amd Radeon™ Pro Vii — versions AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)
Amd Radeon™ Vii — versions AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)

Weakness classification (CWE)

CWE-129 — Improper Validation of Array Index

References

www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html