Summary
| Detail | |||
|---|---|---|---|
| Vendor | Amd | First view | 2021-12-01 |
| Product | Amd Uprof | Last view | 2023-08-08 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:amd:amd_uprof:*:*:*:*:*:*:*:* | 6 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2023-08-08 | CVE-2023-20562 | Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. |
| 5.5 | 2023-08-08 | CVE-2023-20561 | Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service. |
| 5.5 | 2023-08-08 | CVE-2023-20556 | Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. |
| 7.5 | 2022-11-09 | CVE-2022-27674 | Insufficient validation in the IOCTL input/output buffer in AMD µProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service. |
| 7.5 | 2022-11-09 | CVE-2022-23831 | Insufficient validation of the IOCTL input buffer in AMD µProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service. |
| 9.9 | 2021-12-01 | CVE-2021-26334 | The AMDPowerProfiler.sys driver of AMD µProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. |
