Published:2023/10/26  Last Updated:2023/10/26

JVNVU#97149791
Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL

Overview

Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL.

Products Affected

  • AMD Software Adrenalin Edition versions prior to 23.9.2 included in the following products
    • Graphics Cards
      • AMD Radeon(tm) RX 5000 Series Graphics Cards
      • AMD Radeon(tm) RX 6000 Series Graphics Cards
      • AMD Radeon(tm) RX 7000 Series Graphics Cards
    • Client Processors
      • AMD Ryzen(tm) 7045 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7020 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7040 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7000 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 6000 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7035 Series Processors with Radeon(tm) Graphics
  • AMD Software PRO Edition versions prior to 23.Q4 included in the following products
    • Graphics Cards
      • AMD Radeon(tm) PRO W5000 Series Graphics Cards
      • AMD Radeon(tm) PRO W6000 Series Graphics Cards
      • AMD Radeon(tm) PRO W7000 Series Graphics Cards
    • Client Processors
      • AMD Ryzen(tm) 7045 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7020 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7040 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7000 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 6000 Series Processors with Radeon(tm) Graphics
      • AMD Ryzen(tm) 7035 Series Processors with Radeon(tm) Graphics

Description

Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598).

Impact

By sending a specific IOCTL request, an attacker without the system privilege for the product may perform input/output to any hardware ports or physical/virtual addresses. As a result, the firmware may be deleted or altered, and/or a privilege escalation may be caused.

Solution

Update the Device Driver
Update the device driver to the latest version according to the information provided by the developer.

Vendor Status

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score: 5.5
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)

Credit

Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia