[Japanese]

JVNDB-2023-004294

Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL

Overview

Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598).

Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 5.5 (Medium) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None
Affected Products


Advanced Micro Devices (AMD)
  • AMD Software Adrenalin Edition versions prior to 23.9.2 included in the following products[1]
  • AMD Software PRO AMD Software PRO Edition versions prior to 23.Q4 included in the following products[2]

[1]
- Graphics Cards
* AMD Radeon(tm) RX 5000 Series Graphics Cards
* AMD Radeon(tm) RX 6000 Series Graphics Cards
* AMD Radeon(tm) RX 7000 Series Graphics Cards
- Client Processors
* AMD Ryzen(tm) 7045 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7020 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7040 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7000 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 6000 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7035 Series Processors with Radeon(tm) Graphics

[2]
- Graphics Cards
* AMD Radeon(tm) PRO W5000 Series Graphics Cards
* AMD Radeon(tm) PRO W6000 Series Graphics Cards
* AMD Radeon(tm) PRO W7000 Series Graphics Cards
- Client Processors
* AMD Ryzen(tm) 7045 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7020 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7040 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7000 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 6000 Series Processors with Radeon(tm) Graphics
* AMD Ryzen(tm) 7035 Series Processors with Radeon(tm) Graphics
Impact

By sending a specific IOCTL request, an attacker without the system privilege for the product may perform input/output to any hardware ports or physical/virtual addresses. As a result, the firmware may be deleted or altered, and/or a privilege escalation may be caused.
Solution

[Update the Device Driver]
Update the device driver to the latest version according to the information provided by the developer.

Vendor Information

Advanced Micro Devices (AMD)
CWE (What is CWE?)

  1. Exposed IOCTL with Insufficient Access Control(CWE-782) [Other]
CVE (What is CVE?)

  1. CVE-2023-20598
References

  1. JVN : JVNVU#97149791
  2. JVN : JVNTA#90371415
  3. National Vulnerability Database (NVD) : CVE-2023-20598
Revision History

  • [2023/10/27]
      Web page published
  • [2024/04/24]
      References : Content was added
  • [2024/05/20]
      References : Content was added