{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-31324","assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","state":"PUBLISHED","assignerShortName":"AMD","dateReserved":"2023-04-27T15:25:41.424Z","datePublished":"2026-02-11T14:34:54.024Z","dateUpdated":"2026-02-11T15:42:39.488Z"},"containers":{"cna":{"providerMetadata":{"orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD","dateUpdated":"2026-02-11T14:34:54.024Z"},"affected":[{"defaultStatus":"affected","vendor":"AMD","product":"AMD Radeon™ RX 5000 Series Graphics Products","versions":[{"version":"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Radeon™ PRO W5000 Series Graphics Products","versions":[{"version":"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI210","versions":[{"version":"ROCm 6.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI250","versions":[{"version":"ROCm 6.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI300A","versions":[{"version":"ROCm 6.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI300X","versions":[{"version":"ROCm 6.4","status":"unaffected"}]}],"datePublic":"2026-02-11T14:11:05.353Z","descriptions":[{"lang":"en","value":"A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.","supportingMedia":[{"base64":false,"type":"text/html","value":"A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.<br>"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-367","description":"CWE-367  Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en","type":"CWE"}]}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"AMD PSIRT Automation 1.0"},"metrics":[{"cvssV4_0":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","baseScore":7.1,"baseSeverity":"HIGH"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-11T15:36:37.735258Z","id":"CVE-2023-31324","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-11T15:42:39.488Z"}}]}}