AMD uProf IOCTL Buffer Bypass Allows Unsigned Driver Load
CVE-2023-20562 Published on August 8, 2023

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.

Vendor Advisory NVD

Products Associated with CVE-2023-20562

Want to know whenever a new CVE is published for AMD Uprof? stack.watch will email you.

AMD Uprof

Affected Versions

AMD μProf:

Version various and below 4.1.396 is affected.

AMD μProf:

Version various and below 4.1-424 is affected.

amd uprof_tool:

Before 4.1.396 is affected.
Before 4.1-424 is affected.

Exploit Probability

EPSS

8.62%

Percentile

92.40%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

AMD uProf IOCTL Buffer Bypass Allows Unsigned Driver LoadCVE-2023-20562 Published on August 8, 2023

Products Associated with CVE-2023-20562

Affected Versions

Exploit Probability

AMD uProf IOCTL Buffer Bypass Allows Unsigned Driver Load
CVE-2023-20562 Published on August 8, 2023