CVE-2023-20556 - Vulnerability Details

Vendors	Products
Amd	Amd Uprof
Linux	Linux Kernel
Microsoft	Windows

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2023-20556
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7003.html
https://www.cve.org/CVERecord?id=CVE-2023-20556

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20556", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-10-27T18:53:39.746Z", "datePublished": "2023-08-08T17:14:24.974Z", "dateUpdated": "2024-10-10T16:01:41.871Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "platforms": ["x86", "Windows"], "product": "\u03bcProf", "vendor": "AMD", "versions": [{"lessThan": "4.1.396", "status": "affected", "version": "various", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["x86", "Linux"], "product": "\u03bcProf", "vendor": " AMD", "versions": [{"lessThan": "4.1-424", "status": "affected", "version": "various ", "versionType": "custom"}]}], "datePublic": "2023-08-08T16:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(248, 249, 250);\">\n\n\n\n<span style=\"background-color: rgb(248, 249, 250);\">\n\n<span style=\"background-color: rgb(248, 249, 250);\">Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.</span>\n\n</span>\n\n\n\n\n\n\n\n</span>\n\n\n\n\n\n\n\n\n\n"}], "value": "\n\n\n\n\nInsufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-08-08T17:14:24.974Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003"}], "source": {"advisory": "AMD-SB-7003", "discovery": "UNKNOWN"}, "title": " ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.893Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-10T16:01:28.089446Z", "id": "CVE-2023-20556", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T16:01:41.871Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-20556 (string)

assignerOrgId : b58fc414-a1e4-4f92-9d70-1add41838648 (string)

state : PUBLISHED (string)

assignerShortName : AMD (string)

dateReserved : 2022-10-27T18:53:39.746Z (string)

datePublished : 2023-08-08T17:14:24.974Z (string)

dateUpdated : 2024-10-10T16:01:41.871Z (string)

}

containers : { »

cna : { »

affected : [ »

0 : { »

defaultStatus : affected (string)

platforms : [ »

0 : x86 (string)

1 : Windows (string)

]

product : μProf (string)

vendor : AMD (string)

versions : [ »

0 : { »

lessThan : 4.1.396 (string)

status : affected (string)

version : various (string)

versionType : custom (string)

}

]

}

1 : { »

defaultStatus : unaffected (string)

platforms : [ »

0 : x86 (string)

1 : Linux (string)

]

product : μProf (string)

vendor : AMD (string)

versions : [ »

0 : { »

lessThan : 4.1-424 (string)

status : affected (string)

version : various (string)

versionType : custom (string)

}

]

}

]

datePublic : 2023-08-08T16:30:00.000Z (string)

descriptions : [ »

0 : { »

lang : en (string)

supportingMedia : [ »

0 : { »

base64 : false (boolean)

type : text/html (string)

value : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. (string)

}

]

value : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. (string)

}

]

providerMetadata : { »

orgId : b58fc414-a1e4-4f92-9d70-1add41838648 (string)

shortName : AMD (string)

dateUpdated : 2023-08-08T17:14:24.974Z (string)

}

references : [ »

0 : { »

tags : [ »

0 : vendor-advisory (string)

]

url : https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 (string)

}

]

source : { »

advisory : AMD-SB-7003 (string)

discovery : UNKNOWN (string)

}

title : (string)

x_generator : { »

engine : Vulnogram 0.1.0-dev (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:05:36.893Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : vendor-advisory (string)

1 : x_transferred (string)

]

url : https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 (string)

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-10-10T16:01:28.089446Z (string)

id : CVE-2023-20556 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-10T16:01:41.871Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20556", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-10-27T18:53:39.746Z", "datePublished": "2023-08-08T17:14:24.974Z", "dateUpdated": "2024-10-10T16:01:41.871Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "platforms": ["x86", "Windows"], "product": "\u03bcProf", "vendor": "AMD", "versions": [{"lessThan": "4.1.396", "status": "affected", "version": "various", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["x86", "Linux"], "product": "\u03bcProf", "vendor": " AMD", "versions": [{"lessThan": "4.1-424", "status": "affected", "version": "various ", "versionType": "custom"}]}], "datePublic": "2023-08-08T16:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(248, 249, 250);\">\n\n\n\n<span style=\"background-color: rgb(248, 249, 250);\">\n\n<span style=\"background-color: rgb(248, 249, 250);\">Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.</span>\n\n</span>\n\n\n\n\n\n\n\n</span>\n\n\n\n\n\n\n\n\n\n"}], "value": "\n\n\n\n\nInsufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-08-08T17:14:24.974Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003"}], "source": {"advisory": "AMD-SB-7003", "discovery": "UNKNOWN"}, "title": " ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.893Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20556", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-10T16:01:28.089446Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T16:01:36.931Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-20556 (string)

assignerOrgId : b58fc414-a1e4-4f92-9d70-1add41838648 (string)

state : PUBLISHED (string)

assignerShortName : AMD (string)

dateReserved : 2022-10-27T18:53:39.746Z (string)

datePublished : 2023-08-08T17:14:24.974Z (string)

dateUpdated : 2024-10-10T16:01:41.871Z (string)

}

containers : { »

cna : { »

affected : [ »

0 : { »

defaultStatus : affected (string)

platforms : [ »

0 : x86 (string)

1 : Windows (string)

]

product : μProf (string)

vendor : AMD (string)

versions : [ »

0 : { »

lessThan : 4.1.396 (string)

status : affected (string)

version : various (string)

versionType : custom (string)

}

]

}

1 : { »

defaultStatus : unaffected (string)

platforms : [ »

0 : x86 (string)

1 : Linux (string)

]

product : μProf (string)

vendor : AMD (string)

versions : [ »

0 : { »

lessThan : 4.1-424 (string)

status : affected (string)

version : various (string)

versionType : custom (string)

}

]

}

]

datePublic : 2023-08-08T16:30:00.000Z (string)

descriptions : [ »

0 : { »

lang : en (string)

supportingMedia : [ »

0 : { »

base64 : false (boolean)

type : text/html (string)

value : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. (string)

}

]

value : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. (string)

}

]

providerMetadata : { »

orgId : b58fc414-a1e4-4f92-9d70-1add41838648 (string)

shortName : AMD (string)

dateUpdated : 2023-08-08T17:14:24.974Z (string)

}

references : [ »

0 : { »

tags : [ »

0 : vendor-advisory (string)

]

url : https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 (string)

}

]

source : { »

advisory : AMD-SB-7003 (string)

discovery : UNKNOWN (string)

}

title : (string)

x_generator : { »

engine : Vulnogram 0.1.0-dev (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:05:36.893Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : vendor-advisory (string)

1 : x_transferred (string)

]

url : https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 (string)

}

]

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-20556 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-10-10T16:01:28.089446Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-10T16:01:36.931Z (string)

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB1EF217-6C1D-4FED-8F8E-4AD79D74A536", "versionEndExcluding": "4.1.396", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*", "matchCriteriaId": "BFC64885-C3DE-4FFB-8AD4-4B96722EC6D4", "versionEndExcluding": "4.1-424", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\n\n\n\n\nInsufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "id": "CVE-2023-20556", "lastModified": "2024-11-21T07:41:06.607", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-08T18:15:11.340", "references": [{"source": "psirt@amd.com", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AB1EF217-6C1D-4FED-8F8E-4AD79D74A536 (string)

versionEndExcluding : 4.1.396 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A2572D17-1DE6-457B-99CC-64AFD54487EA (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BFC64885-C3DE-4FFB-8AD4-4B96722EC6D4 (string)

versionEndExcluding : 4.1-424 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 703AF700-7A70-47E2-BC3A-7FD03B3CA9C1 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. (string)

}

]

id : CVE-2023-20556 (string)

lastModified : 2024-11-21T07:41:06.607 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-08-08T18:15:11.340 (string)

references : [ »

0 : { »

source : psirt@amd.com (string)

tags : [ »

0 : Mitigation (string)

1 : Patch (string)

2 : Vendor Advisory (string)

]

url : https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Patch (string)

2 : Vendor Advisory (string)

]

url : https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 (string)

}

]

sourceIdentifier : psirt@amd.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "hw: amd: uProf allow user to send arbitrary buffer leading to dos", "id": "2224050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224050"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-782", "details": ["Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.", "Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD \u03bcProf may allow an authenticated user to send an arbitrary buffer, potentially resulting in a Windows crash, leading to denial of service."], "mitigation": {"lang": "en:us", "value": "Please contact AMD support for updates."}, "name": "CVE-2023-20556", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-08-08T06:30:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-20556\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20556\nhttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7003.html"], "threat_severity": "Moderate"}

{

bugzilla : { »

description : hw: amd: uProf allow user to send arbitrary buffer leading to dos (string)

id : 2224050 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2224050 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.5 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-782 (string)

details : [ »

0 : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. (string)

1 : Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer, potentially resulting in a Windows crash, leading to denial of service. (string)

]

mitigation : { »

lang : en:us (string)

value : Please contact AMD support for updates. (string)

}

name : CVE-2023-20556 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)