Description
Improper validation in Power Management Firmware (PMFW) may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability.
Published: 2026-05-15
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Improper validation in the Power Management Firmware (PMFW) allows a privileged attacker to pass malformed workload arguments when exporting table data from the System Management Unit to main memory. The flaw can lead to exposure of sensitive data or a disruption of normal operation, thereby compromising confidentiality and availability of the affected system. The weakness is identified as CWE‑129, which represents an integer or counter that is written to a bounded data structure and then read in a way that can lead to buffer overread or data leakage.

Affected Systems

The vulnerability affects AMD Radeon PRO V520, Radeon PRO V620, Radeon PRO W6000 Series Graphics Products, and Radeon RX 6000 Series Graphics Products. Specific firmware revisions are not enumerated in the advisory, so all current models that run the legacy PMFW are potentially impacted.

Risk and Exploitability

The CVSS score of 6.8 indicates a moderate severity. EPSS information is not available, and the flaw is not listed in the CISA KEV catalog, suggesting it has not yet been observed in the wild. The described attack requires elevated privileges to perform the malformed export, so the likely attack vector is an internal or local attacker with privileged access. If the vulnerability is exploited, an attacker could exfiltrate data or cause a crash or lock‑up of the graphics subsystem, degrading system functionality.

Generated by OpenCVE AI on May 15, 2026 at 04:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Power Management Firmware update that includes proper argument validation for SMU table exports
  • Restrict the execution of SMU table export functionality to privileged users only, preventing untrusted software from invoking it
  • Monitor system logs for anomalous SMU export activity and perform periodic integrity checks on firmware components

Generated by OpenCVE AI on May 15, 2026 at 04:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 15 May 2026 04:45:00 +0000

Type Values Removed Values Added
Title Improper Power Management Firmware Argument Validation Enables Data Loss

Fri, 15 May 2026 03:00:00 +0000

Type Values Removed Values Added
Description Improper validation in Power Management Firmware (PMFW) may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability.
Weaknesses CWE-129
References
Metrics cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2026-05-15T11:17:56.008Z

Reserved: 2023-04-27T15:25:41.422Z

Link: CVE-2023-31309

cve-icon Vulnrichment

Updated: 2026-05-15T11:17:52.210Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-15T03:16:20.380

Modified: 2026-05-15T14:10:17.083

Link: CVE-2023-31309

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T04:30:36Z

Weaknesses