{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-31324", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2023-04-27T15:25:41.424Z", "datePublished": "2026-02-11T14:34:54.024Z", "dateUpdated": "2026-02-11T15:42:39.488Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2026-02-11T14:34:54.024Z"}, "affected": [{"defaultStatus": "affected", "vendor": "AMD", "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products", "versions": [{"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)", "status": "unaffected"}]}, {"defaultStatus": "affected", "vendor": "AMD", "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products", "versions": [{"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)", "status": "unaffected"}]}, {"defaultStatus": "affected", "vendor": "AMD", "product": "AMD Instinct\u2122 MI210", "versions": [{"version": "ROCm 6.4", "status": "unaffected"}]}, {"defaultStatus": "affected", "vendor": "AMD", "product": "AMD Instinct\u2122 MI250", "versions": [{"version": "ROCm 6.4", "status": "unaffected"}]}, {"defaultStatus": "affected", "vendor": "AMD", "product": "AMD Instinct\u2122 MI300A", "versions": [{"version": "ROCm 6.4", "status": "unaffected"}]}, {"defaultStatus": "affected", "vendor": "AMD", "product": "AMD Instinct\u2122 MI300X", "versions": [{"version": "ROCm 6.4", "status": "unaffected"}]}], "datePublic": "2026-02-11T14:11:05.353Z", "descriptions": [{"lang": "en", "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.<br>"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE"}]}], "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "AMD PSIRT Automation 1.0"}, "metrics": [{"cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-11T15:36:37.735258Z", "id": "CVE-2023-31324", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T15:42:39.488Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-31324", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-11T15:36:37.735258Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T15:36:38.949Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L", "userInteraction": "NONE", "attackComplexity": "HIGH", "privilegesRequired": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AMD", "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products", "versions": [{"status": "unaffected", "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products", "versions": [{"status": "unaffected", "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD Instinct\u2122 MI210", "versions": [{"status": "unaffected", "version": "ROCm 6.4"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD Instinct\u2122 MI250", "versions": [{"status": "unaffected", "version": "ROCm 6.4"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD Instinct\u2122 MI300A", "versions": [{"status": "unaffected", "version": "ROCm 6.4"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD Instinct\u2122 MI300X", "versions": [{"status": "unaffected", "version": "ROCm 6.4"}], "defaultStatus": "affected"}], "datePublic": "2026-02-11T14:11:05.353Z", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"}], "x_generator": {"engine": "AMD PSIRT Automation 1.0"}, "descriptions": [{"lang": "en", "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.", "supportingMedia": [{"type": "text/html", "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2026-02-11T14:34:54.024Z"}}}, "cveMetadata": {"cveId": "CVE-2023-31324", "state": "PUBLISHED", "dateUpdated": "2026-02-11T15:42:39.488Z", "dateReserved": "2023-04-27T15:25:41.424Z", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "datePublished": "2026-02-11T14:34:54.024Z", "assignerShortName": "AMD"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability."}], "id": "CVE-2023-31324", "lastModified": "2026-02-11T15:27:26.370", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@amd.com", "type": "Secondary"}]}, "published": "2026-02-11T15:16:11.487", "references": [{"source": "psirt@amd.com", "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "psirt@amd.com", "type": "Secondary"}]}

{}

{"created": "2026-02-12T11:19:15.113154+00:00", "updated": "2026-02-12T11:19:15.113299+00:00", "vendors": ["amd", "amd$PRODUCT$instinct_mi210", "amd$PRODUCT$instinct_mi250", "amd$PRODUCT$instinct_mi300a", "amd$PRODUCT$instinct_mi300x", "amd$PRODUCT$radeon_pro_w5000_series", "amd$PRODUCT$radeon_rx_5000_series"]}