First published: Tue Oct 17 2023(Updated: )
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
Credit: psirt@amd.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
AMD Radeon RX 5300 Firmware | ||
AMD Radeon RX 5300 Firmware | ||
AMD Radeon RX 5300M Firmware | ||
AMD Radeon RX 5500 | ||
AMD Radeon RX 5500 XT Firmware | ||
AMD Radeon RX 5500M | ||
AMD Radeon RX 5600 | ||
AMD Radeon RX 5600 | ||
AMD Radeon RX 5600M | ||
AMD Radeon RX 5700 | ||
AMD Radeon RX 5700 XT | ||
AMD Radeon RX 5700M | ||
AMD Radeon RX 6300M | ||
AMD Radeon RX 6400 | ||
AMD Radeon RX 6450M | ||
AMD Radeon RX 6500 XT | ||
AMD Radeon RX 6500M | ||
AMD Radeon RX 6550M | ||
AMD Radeon RX 6550S | ||
AMD Radeon RX 6600 | ||
AMD Radeon RX 6600 XT | ||
AMD Radeon RX 6600M | ||
AMD Radeon RX 6600S | ||
AMD Radeon RX 6650 XT | ||
AMD Radeon RX 6650M XT | ||
AMD Radeon RX 6650M XT | ||
AMD Radeon RX 6700 | ||
AMD Radeon RX 6700 XT | ||
AMD Radeon RX 6700M | ||
AMD Radeon RX 6700S | ||
AMD Radeon RX 6750 GRE | ||
AMD Radeon RX 6750 GRE | ||
AMD Radeon RX 6750 XT | ||
AMD Radeon RX 6800 | ||
AMD Radeon RX 6800 XT Firmware | ||
AMD Radeon RX 6800 | ||
AMD Radeon RX 6900 XT | ||
AMD Radeon RX 6950XT Firmware | ||
AMD Radeon RX 7600 | ||
AMD Radeon RX 7600M | ||
AMD Radeon RX 7600M XT | ||
AMD Radeon RX 7600S | ||
AMD Radeon RX 7700 XT Firmware | ||
AMD Radeon RX 7700S | ||
AMD Radeon RX 7800 XT | ||
AMD Radeon RX 7900 | ||
AMD Radeon RX 7900 XT Firmware | ||
AMD Radeon RX 7900XTX Firmware | ||
AMD Radeon RX 7900M | ||
AMD Radeon Software for HIP | <23.9.2 | |
All of | ||
Any of | ||
AMD Radeon Pro W5500 | ||
AMD Radeon Pro W5700 | ||
AMD Radeon Pro W6300 | ||
AMD Radeon Pro W6400 Firmware | ||
AMD Radeon Pro W6600 | ||
AMD Radeon Pro W6800 | ||
AMD Radeon Pro W7500 | ||
AMD Radeon Pro W7600 | ||
AMD Radeon Pro W7800 | ||
AMD Radeon Pro W7900 | ||
AMD Radeon Software for HIP | <23.q4 | |
All of | ||
Any of | ||
AMD Ryzen 3 7320U | ||
AMD Ryzen 3 7335U Firmware | ||
AMD Ryzen 3 7440U Firmware | ||
AMD Ryzen 5 6600H firmware | ||
AMD Ryzen 5 6600HS Firmware | ||
AMD Ryzen 5 6600U Firmware | ||
AMD Ryzen 5 7500F Firmware | ||
AMD Ryzen 5 7520u firmware | ||
AMD Ryzen 5 7535HS Firmware | ||
AMD Ryzen 5 7535U firmware | ||
AMD Ryzen 5 7540U | ||
AMD Ryzen 5 7600 | ||
AMD Ryzen 5 7600X Firmware | ||
AMD Ryzen 5 PRO 7640H | ||
AMD Ryzen 5 7640U Firmware | ||
AMD Ryzen 5 7645HX | ||
AMD Ryzen 5 Pro 7640HS Firmware | ||
AMD Ryzen Pro 7645 | ||
AMD Ryzen 7 6800H Firmware | ||
AMD Ryzen 7 6800HS firmware | ||
AMD Ryzen 7 6800U Firmware | ||
AMD Ryzen 7 7700 | ||
AMD Ryzen 7 7700X | ||
AMD Ryzen 7 7735HS Firmware | ||
AMD Ryzen 7 7735U Firmware | ||
AMD Ryzen 7 7736U | ||
AMD Ryzen 7 7745HX Firmware | ||
AMD Ryzen 7 7800X3D | ||
AMD Ryzen 7 Pro 7840H | ||
AMD Ryzen 7 7840U | ||
AMD Ryzen 7 Pro 7745 Firmware | ||
AMD Ryzen 7 Pro 7840HS | ||
AMD Ryzen 9 6900HS Firmware | ||
AMD Ryzen 9 6900HX Firmware | ||
AMD Ryzen 9 6980HS Firmware | ||
AMD Ryzen 9 6980HX firmware | ||
AMD Ryzen 9 7845HX firmware | ||
AMD Ryzen 9 7900 | ||
AMD Ryzen 9 7900X Firmware | ||
AMD Ryzen 9 7900X3D firmware | ||
AMD Ryzen 9 7940H | ||
AMD Ryzen 9 7945HX Firmware | ||
AMD Ryzen 9 7945HX3D | ||
AMD Ryzen 9 7950X | ||
AMD Ryzen 9 7950X3D | ||
AMD Ryzen 9 Pro 7940HS | ||
AMD Ryzen Pro 7945 | ||
Any of | ||
AMD Radeon Software for HIP | <23.9.2 | |
AMD Radeon Software for HIP | <23.q4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-20598 has a high severity rating due to the potential for arbitrary code execution by an authenticated attacker.
To fix CVE-2023-20598, update to the latest version of AMD Radeon Software that addresses the vulnerability.
CVE-2023-20598 affects various AMD Radeon graphics cards and software, particularly those prior to version 23.9.2.
If exploited, CVE-2023-20598 could allow an attacker to gain I/O control over arbitrary hardware ports, leading to potential malicious activity.
You can determine vulnerability to CVE-2023-20598 by checking your installed version of AMD Radeon Software against the fixed versions provided by AMD.