Vulnerability in Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics
CVE-2023-31331
Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.
EPSS: 0.001 (17.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.0 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L.
Affected products
- Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics — versions ComboAM4v2PI 1.2.0.CA
- Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics — versions RenoirPI-FP6 1.0.0.D
- Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics — versions ComboAM4v2PI 1.2.0.CA
- Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics — versions Cezanne-FP6 1.0.1.0
- Amd Ryzen™ 6000 Series Processor With Radeon™ Graphics — versions Rembrandt-FP7 1.0.0.A
- Amd Ryzen™ 7000 Series Desktop Processors — versions ComboAM5 1.1.0.2
- Amd Ryzen™ 7000 Series Mobile Processors — versions DragonRangeFL1PI 1.0.0.3C
- Amd Ryzen™ 7035 Series Processor With Radeon™ Graphics — versions Rembrandt-FP7 1.0.0.A
- Amd Ryzen™ 7040 Series Processors With Radeon™ Graphics — versions PhoenixPI-FP8-FP7 1.1.0.2
- Amd Ryzen™ 8000 Series Processor With Radeon™ Graphics — versions ComboAM5 1.1.0.2
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2023-31331?
- CVE-2023-31331 is a low-severity vulnerability in Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics, classified under Improper Validation of Specified Quantity in Input. CVSS score: 3.0/10. Published 2025-02-11.
- How severe is CVE-2023-31331?
- Low severity. CVSS v3 base score is 3.0 out of 10.