CVE-2023-20562:
First published: Tue Aug 08 2023(Updated: )
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
Credit: psirt@amd.com psirt@amd.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Amd Amd Uprof | <4.1.396 | |
| Microsoft Windows | ||
| Amd Amd Uprof | <4.1-424 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-20562.
What is the severity of CVE-2023-20562?
The severity of CVE-2023-20562 is high with a CVSS score of 7.8.
What is the affected software?
The affected software is AMD uProf 4.1.396 up to exclusive 4.1-424.
What is the impact of this vulnerability?
This vulnerability in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
Is Linux Kernel affected by this vulnerability?
No, Linux Kernel is not affected by this vulnerability.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/title
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/amd
- canonical/amd amd uprof
- vendor/microsoft
- canonical/microsoft windows
- vendor/linux
- canonical/linux linux kernel