← back
CVE-2023-31306

CVE-2023-31306

CVSS 3.3 LOWEPSS 0.1%CWE-129
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
06 Sep 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected products
AMD · AMD Radeon™ PRO V520 Graphics ProductsAMD · AMD Radeon™ PRO V620 Graphics ProductsAMD · AMD Radeon™ PRO W5000 Series Graphics ProductsAMD · AMD Radeon™ PRO W6000 Series Graphics ProductsAMD · AMD Radeon™ RX 5000 Series Graphics ProductsAMD · AMD Radeon™ RX 6000 Series Graphics Products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html