CVE-2023-31306

{"id": "CVE-2023-31306", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2025-09-06T17:15:31.037", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html", "source": "psirt@amd.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@amd.com", "description": [{"lang": "en", "value": "CWE-129"}]}], "descriptions": [{"lang": "en", "value": "Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability."}], "lastModified": "2025-09-08T16:25:38.810", "sourceIdentifier": "psirt@amd.com"}