1. Home
  2. CVE Database
  3. CVE-2023-20510
MEDIUM · 4.7

CVE-2023-20510

An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.

Vulnerability Description

An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.

CVSS Score

4.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
HIGH

Affected Products

VendorProductVersions
AmdRadeon Software< 23.12.1
AmdRadeon Rx 6300M-
AmdRadeon Rx 6400-
AmdRadeon Rx 6450M-
AmdRadeon Rx 6500 Xt-
AmdRadeon Rx 6500M-
AmdRadeon Rx 6550M-
AmdRadeon Rx 6550S-
AmdRadeon Rx 6600-
AmdRadeon Rx 6600 Xt-
AmdRadeon Rx 6600M-
AmdRadeon Rx 6600S-
AmdRadeon Rx 6650 Xt-
AmdRadeon Rx 6650M-
AmdRadeon Rx 6650M Xt-
AmdRadeon Rx 6700-
AmdRadeon Rx 6700 Xt-
AmdRadeon Rx 6700M-
AmdRadeon Rx 6700S-
AmdRadeon Rx 6750 Gre-

References

FAQ

What is CVE-2023-20510?

CVE-2023-20510 is a vulnerability with a CVSS score of 4.7 (MEDIUM). An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.

How severe is CVE-2023-20510?

CVE-2023-20510 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-20510?

Check the references section above for vendor advisories and patch information. Affected products include: Amd Radeon Software, Amd Radeon Rx 6300M, Amd Radeon Rx 6400, Amd Radeon Rx 6450M, Amd Radeon Rx 6500 Xt.