CVE-2021-26334

CVE-2021-26334 affects AMD μProf Tool via the AMDPowerProfiler.sys driver. The root cause is improper access control that could let a low-privilege user access MSRs in the kernel, enabling privilege escalation and potential ring-0 code execution. Affected product: AMD μProf (AMDuProf). Exploitati...

CVE-2022-23831

CVE-2022-23831 affects AMD μProf. The issue is insufficient validation of the IOCTL input buffer, which can allow an attacker to send an arbitrary buffer and cause a Windows kernel crash, leading to a denial of service. Affected product: AMD μProf across Windows/Linux, per AMD bulletin AMD-SB-104...

CVE-2023-20562

CVE-2023-20562 involves AMD μProf (AMD uProf) where there is insufficient validation in the IOCTL input buffer. The impact described across sources is that an authenticated user may load an unsigned driver, potentially enabling arbitrary kernel execution. Connected materials explicitly discuss ex...

CVE-2022-27674

AMD μProf is affected by CVE-2022-27674 due to insufficient validation of the IOCTL input/output buffer, potentially allowing bypass of bounds checks and causing a Windows kernel crash with denial of service. The AMD security bulletin AMD-SB-1046 describes the condition and lists affected platfor...

CVE-2023-20556

CVE-2023-20556 involves AMD μProf. The issue is insufficient validation of the IOCTL input buffer, which could allow an authenticated user to send an arbitrary buffer and cause a Windows crash, leading to a denial of service (DoS). AMD’s bulletin AMD-SB-7003 confirms affected product is AMD μProf...

CVE-2023-20561

CVE-2023-20561 describes insufficient validation of the IOCTL input buffer in AMD μProf, enabling an authenticated user to send an arbitrary address that may crash Windows and cause denial of service. The issue is tied to the AMD μProf tool across Windows/Linux/FreeBSD with impact described as Do...