First published: Tue Aug 15 2023(Updated: )
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.
Credit: psirt@amd.com psirt@amd.com
Affected Software | Affected Version | How to fix |
---|---|---|
AMD Ryzen Master | <2.11.2.2659 | |
Amd Ryzen Master Monitoring Sdk | <august_2023 | |
Microsoft Windows 10 | ||
Microsoft Windows 11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-20564 is a vulnerability in AMD Ryzen™ Master that allows a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.
CVE-2023-20564 can result in a loss of confidentiality or arbitrary kernel execution in AMD Ryzen™ Master.
AMD Ryzen™ Master versions up to and exclusive of 2.11.2.2659 are affected by CVE-2023-20564.
No, Microsoft Windows 10 is not vulnerable to CVE-2023-20564.
No, Microsoft Windows 11 is not vulnerable to CVE-2023-20564.
CVE-2023-20564 has a severity rating of medium.
To fix CVE-2023-20564, it is recommended to update AMD Ryzen™ Master to version 2.11.2.2659 or higher.
You can find more information about CVE-2023-20564 on the AMD Product Security Bulletin.