Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amdAmd.comAMD-SB-6003
HistoryNov 14, 2023 - 12:00 a.m.

AMD Graphics Driver Vulnerabilities – November 2023

2023-11-1400:00:00
amd.com
www.amd.com
10
amd
graphics driver
vulnerabilities
bounds checking
signature verification
input validation
denial of service
arbitrary code execution
windows
radeon
ryzen
athlon
vega
driver update

8 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.0%

JSON

Bulletin ID: AMD-SB-6003 **Potential Impact:**Varies by CVE, see descriptions below **Severity:**Varies by CVE, see descriptions below

Summary

AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE.

CVE Details

Refer to Glossary for explanation of terms

CVE Severity CVE Description
CVE-2021-46748 Medium Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.
CVE-2023-20567 Medium Improper signature verification of RadeonTMRX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution.
CVE-2023-20568 Medium Improper signature verification of RadeonTMRX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution.
CVE-2023-31320 Medium Improper input validation in the AMD RadeonTMGraphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.

Affected Products and Mitigation

Graphics Cards

AMD recommends updating the AMD Graphics Driver to the version recommended for your product below. Please refer to your Original Equipment Manufacturer (OEM) for the driver update specific to your product.

Platform Applicable CVE(s) Release Version
AMD Radeon™ RX 5000 Series Graphics CardsAMD Radeon™ RX 6000 Series Graphics CardsAMD Radeon™ RX 7000 Series Graphics Cards CVE-2021-46748CVE-2023-20567CVE-2023-20568CVE-2023-31320 AMD Software: Adrenalin Edition 23.7.1 (23.10.01.45)
AMD Radeon™ PRO W5000 Series Graphics CardsAMD Radeon™ PRO W6000 Series Graphics CardsAMD Radeon™ PRO W7000 Series Graphics Cards CVE-2021-46748CVE-2023-20567CVE-2023-20568CVE-2023-31320 AMD Software: PRO Edition 23.Q3 (23.10.18.05)
AMD Radeon™ RX Vega Series Graphics CardsAMD Radeon™ PRO WX Vega Series Graphics Cards CVE-2021-46748CVE-2023-20567CVE-2023-20568CVE-2023-31320 Please refer to your OEM for the update specific to your product.
OS Support Version
Windows 11 Version 21H2 and later
Windows 10 64-bit Version 1809 and later
Windows Server 2022 21H2
Windows Server 2019 1809

Client Processors

Platform Program Applicable CVEs Release Version Mitigation
AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne” CVE-2021-46748CVE-2023-20567CVE-2023-20568CVE-2023-31320 AMD Software: Adrenalin Edition 23.7.1 (23.10.01.45)AMD Software: PRO Edition 23.Q3 (23.10.18.05)

AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics| “Lucienne”
AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics| “Picasso” FP5
AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics| “Renoir” AM4
AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics| “Cezanne”
AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics| “Picasso” AM4
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics| “Pollock”
AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics| “Barcelo”| CVE-2023-20567CVE-2023-20568CVE-2023-31320
AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics| “Barcelo-R”
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics| “Dali”/”Dali” FP5
AMD Ryzen™ 7045 Series Processors with Radeon™ Graphics| “Dragon Range”
AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics| “Mendocino” FT6
AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics| “Phoenix” AM5
AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics| “Raphael” X3D
AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics| “Renoir” FP6
AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics| “Rembrandt”
AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics| “Rembrandt-R”

Related

hp 1
intel 1
githubexploit 1
cve 4
cvelist 4
nvd 4
prion 4
hp
hp
AMD Graphics Driver November 2023 Security Update
2023-11-21 00:00:00
intel
intel
Intel® Core™ Processors with Radeon™ RX Vega M Graphics  Advisory
2023-11-14 00:00:00
githubexploit
githubexploit
Exploit for Improper Input Validation in Amd Radeon Software
2023-08-22 21:15:46
cve
cve
CVE-2023-31320
2023-11-14 19:15:25
CVE-2021-46748
2023-11-14 19:15:10
CVE-2023-20568
2023-11-14 19:15:15
cvelist
cvelist
CVE-2021-46748
2023-11-14 18:50:52
CVE-2023-31320
2023-11-14 18:51:43
CVE-2023-20567
2023-11-14 18:51:25
nvd
nvd
CVE-2021-46748
2023-11-14 19:15:10
CVE-2023-31320
2023-11-14 19:15:25
CVE-2023-20568
2023-11-14 19:15:15
prion
prion
Input validation
2023-11-14 19:15:00
Out-of-bounds
2023-11-14 19:15:00
Input validation
2023-11-14 19:15:00

8 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.0%

JSON
Related for AMD-SB-6003
hp1intel1githubexploit1cve4cvelist4nvd4prion4