[{"vendor":"amd","product":"amd_uprof","defaultStatus":"unaffected","cpes":["cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"4.2","versionType":"custom","status":"affected"}]}]

{"timestamp":"2024-08-13T17:35:08.732349Z","id":"CVE-2023-31341","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"AMD","product":"μProf Tool","defaultStatus":"unaffected","versions":[{"version":"μProf Tool","lessThan":"3.4.494","versionType":"custom","status":"affected"}]}]

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD ?Prof may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD μProf may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD ?Prof may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD ?Prof may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NIST NVD-CWE-noinfo

OR
     *cpe:2.3:a:amd:uprof:*:*:*:*:*:linux:*:* versions up to (excluding) 4.1.424
     *cpe:2.3:a:amd:uprof:*:*:*:*:*:freebsd:*:* versions up to (excluding) 4.2.816
     *cpe:2.3:a:amd:uprof:*:*:*:*:*:windows:*:* versions up to (excluding) 4.2.845

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 No Types Assigned

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 Vendor Advisory

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD ?Prof may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD μProf may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

Insufficient
validation of the Input Output Control (IOCTL) input buffer in AMD μProf may
allow an authenticated attacker to cause an out-of-bounds write, potentially
causing a Windows® OS crash, resulting in denial of service.

Advanced Micro Devices Inc. AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Advanced Micro Devices Inc. CWE-284

Advanced Micro Devices Inc. https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 [No types assigned]