Synced 18 Jun 2026 05:58 UTC Account
← All products

CVE-2023-31324

HIGH severity · CVSS 7.8 · CWE-367
7.8CVSS HIGH

Summary

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.

Impact & exploitability

Attack vectorLocal
Attack complexityHigh
Privileges requiredLow
User interactionNone
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)0%

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products we track (1)

AMD Radeon Software

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information