An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.



No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01465.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
AMD Radeon™ RX 5000 Series Graphics Cards affected
Version Status Constraints
various affected
AMD Radeon™ RX 6000 Series Graphics Cards affected
Version Status Constraints
various affected
AMD Radeon™ RX 7000 Series Graphics Cards affected
Version Status Constraints
various affected
AMD Radeon™ PRO W5000 Series Graphics Cards affected
Version Status Constraints
Various affected
AMD Radeon™ PRO W6000 Series Graphics Cards affected
Version Status Constraints
various affected
AMD Radeon™ PRO W7000 Series Graphics Cards affected
Version Status Constraints
various affected
AMD Ryzen™ 7045 Series Processors with Radeon™ Graphics affected
Version Status Constraints
various affected
AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics affected
Version Status Constraints
various affected
AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics affected
Version Status Constraints
various affected
AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics affected
Version Status Constraints
various affected
AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics affected
Version Status Constraints
various affected
AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics affected
Version Status Constraints
various affected

Configuration 1 [-]

AND
cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*
OR cpe:2.3:h:amd:radeon_rx_5300:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5300_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5300m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5500:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5500_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5500m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5600_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5600m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5700_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_5700m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6300m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6450m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6500_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6500m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6550m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6550s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6600s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6650m_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6700s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_gre_10gb:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_gre_12gb:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6750_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6800s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6900_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_6950_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7600m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7600m_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7600s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7700_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7700s:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7800_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7900_gre:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7900_xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7900_xtx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_7900m:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*
OR cpe:2.3:h:amd:radeon_pro_w5500:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w5700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w7500:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w7600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w7800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w7900:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:*
cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*
OR cpe:2.3:h:amd:ryzen_3_7320u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_7335u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_7440u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_6600h:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_6600hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_6600u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7500f:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7520u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7535hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7535u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7540u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7600x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7640h:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7640u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7645hx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_7640hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_7645:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_6800h:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_6800hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_6800u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7700x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7735hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7735u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7736u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7745hx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7800x3d:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7840h:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_7840u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_7745:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_7840hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_6900hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_6900hx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_6980hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_6980hx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7845hx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7900:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7900x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7900x3d:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7940h:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7945hx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7945hx3d:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7950x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_7950x3d:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_pro_7940hs:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_pro_7945:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Amd Subscribe
Radeon Pro W5500 Subscribe
Radeon Pro W5700 Subscribe
Radeon Pro W6300 Subscribe
Radeon Pro W6400 Subscribe
Radeon Pro W6600 Subscribe
Radeon Pro W6800 Subscribe
Radeon Pro W7500 Subscribe
Radeon Pro W7600 Subscribe
Radeon Pro W7800 Subscribe
Radeon Pro W7900 Subscribe
Radeon Rx 5300 Subscribe
Radeon Rx 5300 Xt Subscribe
Radeon Rx 5300m Subscribe
Radeon Rx 5500 Subscribe
Radeon Rx 5500 Xt Subscribe
Radeon Rx 5500m Subscribe
Radeon Rx 5600 Subscribe
Radeon Rx 5600 Xt Subscribe
Radeon Rx 5600m Subscribe
Radeon Rx 5700 Subscribe
Radeon Rx 5700 Xt Subscribe
Radeon Rx 5700m Subscribe
Radeon Rx 6300m Subscribe
Radeon Rx 6400 Subscribe
Radeon Rx 6450m Subscribe
Radeon Rx 6500 Xt Subscribe
Radeon Rx 6500m Subscribe
Radeon Rx 6550m Subscribe
Radeon Rx 6550s Subscribe
Radeon Rx 6600 Subscribe
Radeon Rx 6600 Xt Subscribe
Radeon Rx 6600m Subscribe
Radeon Rx 6600s Subscribe
Radeon Rx 6650 Xt Subscribe
Radeon Rx 6650m Subscribe
Radeon Rx 6650m Xt Subscribe
Radeon Rx 6700 Subscribe
Radeon Rx 6700 Xt Subscribe
Radeon Rx 6700m Subscribe
Radeon Rx 6700s Subscribe
Radeon Rx 6750 Gre 10gb Subscribe
Radeon Rx 6750 Gre 12gb Subscribe
Radeon Rx 6750 Xt Subscribe
Radeon Rx 6800 Subscribe
Radeon Rx 6800 Xt Subscribe
Radeon Rx 6800s Subscribe
Radeon Rx 6900 Xt Subscribe
Radeon Rx 6950 Xt Subscribe
Radeon Rx 7600 Subscribe
Radeon Rx 7600m Subscribe
Radeon Rx 7600m Xt Subscribe
Radeon Rx 7600s Subscribe
Radeon Rx 7700 Xt Subscribe
Radeon Rx 7700s Subscribe
Radeon Rx 7800 Xt Subscribe
Radeon Rx 7900 Gre Subscribe
Radeon Rx 7900 Xt Subscribe
Radeon Rx 7900 Xtx Subscribe
Radeon Rx 7900m Subscribe
Radeon Software Subscribe
Ryzen 3 7320u Subscribe
Ryzen 3 7335u Subscribe
Ryzen 3 7440u Subscribe
Ryzen 5 6600h Subscribe
Ryzen 5 6600hs Subscribe
Ryzen 5 6600u Subscribe
Ryzen 5 7500f Subscribe
Ryzen 5 7520u Subscribe
Ryzen 5 7535hs Subscribe
Ryzen 5 7535u Subscribe
Ryzen 5 7540u Subscribe
Ryzen 5 7600 Subscribe
Ryzen 5 7600x Subscribe
Ryzen 5 7640h Subscribe
Ryzen 5 7640u Subscribe
Ryzen 5 7645hx Subscribe
Ryzen 5 Pro 7640hs Subscribe
Ryzen 5 Pro 7645 Subscribe
Ryzen 7 6800h Subscribe
Ryzen 7 6800hs Subscribe
Ryzen 7 6800u Subscribe
Ryzen 7 7700 Subscribe
Ryzen 7 7700x Subscribe
Ryzen 7 7735hs Subscribe
Ryzen 7 7735u Subscribe
Ryzen 7 7736u Subscribe
Ryzen 7 7745hx Subscribe
Ryzen 7 7800x3d Subscribe
Ryzen 7 7840h Subscribe
Ryzen 7 7840u Subscribe
Ryzen 7 Pro 7745 Subscribe
Ryzen 7 Pro 7840hs Subscribe
Ryzen 9 6900hs Subscribe
Ryzen 9 6900hx Subscribe
Ryzen 9 6980hs Subscribe
Ryzen 9 6980hx Subscribe
Ryzen 9 7845hx Subscribe
Ryzen 9 7900 Subscribe
Ryzen 9 7900x Subscribe
Ryzen 9 7900x3d Subscribe
Ryzen 9 7940h Subscribe
Ryzen 9 7945hx Subscribe
Ryzen 9 7945hx3d Subscribe
Ryzen 9 7950x Subscribe
Ryzen 9 7950x3d Subscribe
Ryzen 9 Pro 7940hs Subscribe
Ryzen 9 Pro 7945 Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2023-24777 An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://nvd.nist.gov/vuln/detail/CVE-2023-20598 cve-icon
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6009 cve-icon cve-icon cve-icon
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6009.html cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-20598 cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2024-08-02T09:05:36.253Z

Reserved: 2022-10-27T18:53:39.763Z

Link: CVE-2023-20598

cve-icon Vulnrichment

Updated: 2024-08-02T09:05:36.253Z

cve-icon NVD

Status : Modified

Published: 2023-10-17T14:15:09.813

Modified: 2024-11-21T07:41:12.177

Link: CVE-2023-20598

cve-icon Redhat

Severity : Important

Publid Date: 2023-10-16T00:00:00Z

Links: CVE-2023-20598 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses