7.8
CWE
269
Advisory Published
Updated

CVE-2023-20598

First published: Tue Oct 17 2023(Updated: )

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.

Credit: psirt@amd.com

Affected SoftwareAffected VersionHow to fix
All of
Any of
AMD Radeon RX 5300 Firmware
AMD Radeon RX 5300 Firmware
AMD Radeon RX 5300M Firmware
AMD Radeon RX 5500
AMD Radeon RX 5500 XT Firmware
AMD Radeon RX 5500M
AMD Radeon RX 5600
AMD Radeon RX 5600
AMD Radeon RX 5600M
AMD Radeon RX 5700
AMD Radeon RX 5700 XT
AMD Radeon RX 5700M
AMD Radeon RX 6300M
AMD Radeon RX 6400
AMD Radeon RX 6450M
AMD Radeon RX 6500 XT
AMD Radeon RX 6500M
AMD Radeon RX 6550M
AMD Radeon RX 6550S
AMD Radeon RX 6600
AMD Radeon RX 6600 XT
AMD Radeon RX 6600M
AMD Radeon RX 6600S
AMD Radeon RX 6650 XT
AMD Radeon RX 6650M XT
AMD Radeon RX 6650M XT
AMD Radeon RX 6700
AMD Radeon RX 6700 XT
AMD Radeon RX 6700M
AMD Radeon RX 6700S
AMD Radeon RX 6750 GRE
AMD Radeon RX 6750 GRE
AMD Radeon RX 6750 XT
AMD Radeon RX 6800
AMD Radeon RX 6800 XT Firmware
AMD Radeon RX 6800
AMD Radeon RX 6900 XT
AMD Radeon RX 6950XT Firmware
AMD Radeon RX 7600
AMD Radeon RX 7600M
AMD Radeon RX 7600M XT
AMD Radeon RX 7600S
AMD Radeon RX 7700 XT Firmware
AMD Radeon RX 7700S
AMD Radeon RX 7800 XT
AMD Radeon RX 7900
AMD Radeon RX 7900 XT Firmware
AMD Radeon RX 7900XTX Firmware
AMD Radeon RX 7900M
AMD Radeon Software for HIP<23.9.2
All of
Any of
AMD Radeon Pro W5500
AMD Radeon Pro W5700
AMD Radeon Pro W6300
AMD Radeon Pro W6400 Firmware
AMD Radeon Pro W6600
AMD Radeon Pro W6800
AMD Radeon Pro W7500
AMD Radeon Pro W7600
AMD Radeon Pro W7800
AMD Radeon Pro W7900
AMD Radeon Software for HIP<23.q4
All of
Any of
AMD Ryzen 3 7320U
AMD Ryzen 3 7335U Firmware
AMD Ryzen 3 7440U Firmware
AMD Ryzen 5 6600H firmware
AMD Ryzen 5 6600HS Firmware
AMD Ryzen 5 6600U Firmware
AMD Ryzen 5 7500F Firmware
AMD Ryzen 5 7520u firmware
AMD Ryzen 5 7535HS Firmware
AMD Ryzen 5 7535U firmware
AMD Ryzen 5 7540U
AMD Ryzen 5 7600
AMD Ryzen 5 7600X Firmware
AMD Ryzen 5 PRO 7640H
AMD Ryzen 5 7640U Firmware
AMD Ryzen 5 7645HX
AMD Ryzen 5 Pro 7640HS Firmware
AMD Ryzen Pro 7645
AMD Ryzen 7 6800H Firmware
AMD Ryzen 7 6800HS firmware
AMD Ryzen 7 6800U Firmware
AMD Ryzen 7 7700
AMD Ryzen 7 7700X
AMD Ryzen 7 7735HS Firmware
AMD Ryzen 7 7735U Firmware
AMD Ryzen 7 7736U
AMD Ryzen 7 7745HX Firmware
AMD Ryzen 7 7800X3D
AMD Ryzen 7 Pro 7840H
AMD Ryzen 7 7840U
AMD Ryzen 7 Pro 7745 Firmware
AMD Ryzen 7 Pro 7840HS
AMD Ryzen 9 6900HS Firmware
AMD Ryzen 9 6900HX Firmware
AMD Ryzen 9 6980HS Firmware
AMD Ryzen 9 6980HX firmware
AMD Ryzen 9 7845HX firmware
AMD Ryzen 9 7900
AMD Ryzen 9 7900X Firmware
AMD Ryzen 9 7900X3D firmware
AMD Ryzen 9 7940H
AMD Ryzen 9 7945HX Firmware
AMD Ryzen 9 7945HX3D
AMD Ryzen 9 7950X
AMD Ryzen 9 7950X3D
AMD Ryzen 9 Pro 7940HS
AMD Ryzen Pro 7945
Any of
AMD Radeon Software for HIP<23.9.2
AMD Radeon Software for HIP<23.q4

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2023-20598?

    CVE-2023-20598 has a high severity rating due to the potential for arbitrary code execution by an authenticated attacker.

  • How do I fix CVE-2023-20598?

    To fix CVE-2023-20598, update to the latest version of AMD Radeon Software that addresses the vulnerability.

  • Which AMD products are affected by CVE-2023-20598?

    CVE-2023-20598 affects various AMD Radeon graphics cards and software, particularly those prior to version 23.9.2.

  • What could happen if CVE-2023-20598 is exploited?

    If exploited, CVE-2023-20598 could allow an attacker to gain I/O control over arbitrary hardware ports, leading to potential malicious activity.

  • How can I determine if my AMD graphics driver is vulnerable to CVE-2023-20598?

    You can determine vulnerability to CVE-2023-20598 by checking your installed version of AMD Radeon Software against the fixed versions provided by AMD.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203