Improper Validation in AMD PMFW Lets Privileged Attacker Export Malformed Args
CVE-2023-31309 Published on May 15, 2026

Improper validation in Power Management Firmware (PMFW) may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability.

NVD

Weakness Type

What is an out-of-bounds array index Vulnerability?

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

CVE-2023-31309 has been classified to as an out-of-bounds array index vulnerability or weakness.

Affected Versions

AMD Radeon™ RX 6000 Series Graphics Products:

Version AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01) is unaffected.

AMD Radeon™ PRO W6000 Series Graphics Products:

Version AMD Software: PRO Edition 23.Q4 is unaffected.

AMD Radeon™ PRO V520:

Version Contact your AMD Customer Engineering representative is unaffected.

AMD Radeon™ PRO V620:

Version Contact your AMD Customer Engineering representative is unaffected.

Improper Validation in AMD PMFW Lets Privileged Attacker Export Malformed ArgsCVE-2023-31309 Published on May 15, 2026

Weakness Type

What is an out-of-bounds array index Vulnerability?

Affected Versions

Improper Validation in AMD PMFW Lets Privileged Attacker Export Malformed Args
CVE-2023-31309 Published on May 15, 2026