CVE-2023-31316 PUBLISHED

Assigner: AMD
Reserved: 27.04.2023 Published: 15.05.2026 Updated: 15.05.2026

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L
CVSS Score: 7.1

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	Low	Confidentiality	Low
Attack Complexity	High	Integrity	High	Integrity	High
Attack Requirements	Present	Availability	Low	Availability	Low
Privileges Required	Low
User Interaction	None

CVSS 4.0

Product Status

Vendor	AMD
Product	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
Versions	Default: affected Version Cezanne-FP6 1.0.1.0 is unaffected

Vendor	AMD
Product	AMD Ryzen™ 7000 Series Desktop Processors
Versions	Default: affected Version ComboAM5PI 1.0.0.a is unaffected

Vendor	AMD
Product	AMD Ryzen™ 4000 Series Desktop Processors
Versions	Default: affected Version ComboAM4v2 1.2.0.Ca is unaffected

Vendor	AMD
Product	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics
Versions	Default: affected Version ComboAM4v2 1.2.0.Ca is unaffected

Vendor	AMD
Product	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics
Versions	Default: affected Version PhoenixPI-FP8-FP7_1.1.0.0 is unaffected

Vendor	AMD
Product	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
Versions	Default: affected Version Renoir-FP6 1.0.0.D is unaffected

Vendor	AMD
Product	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics
Versions	Default: affected Version Rembrandt-FP7 1.0.0.A is unaffected

Vendor	AMD
Product	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
Versions	Default: affected Version MendocinoPI-FT6_1.0.0.6 is unaffected

Vendor	AMD
Product	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics
Versions	Default: affected Version DragonRangeFL1PI 1.0.0.3C is unaffected

Vendor	AMD
Product	AMD Ryzen™ Embedded V2000 Series Processors
Versions	Default: affected Version EmbeddedPI-FP6_1.0.0.9 is unaffected

Vendor	AMD
Product	AMD Ryzen™ Embedded V3000 Series Processors
Versions	Default: affected Version Embedded-PI_FP7r2 1009 is unaffected

Vendor	AMD
Product	AMD Radeon™ RX 6000 Series Graphics Products
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.12.1 (25.10.37.01) is unaffected

Vendor	AMD
Product	AMD Radeon™ RX 7000 Series Graphics Products
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.11.1 (25.20.29.01) is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO W7000 Series Graphics Products
Versions	Default: affected Version AMD Software: PRO Edition 25.Q3.1 (25.10.32) is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO W6000 Series Graphics Products
Versions	Default: affected Version AMD Software: PRO Edition 25.Q4 (25.10.37.01) is unaffected

Vendor	AMD
Product	AMD Instinct™ MI250
Versions	Default: affected Version ROCm 6.4 is unaffected

Vendor	AMD
Product	AMD Instinct™ MI210
Versions	Default: affected Version ROCm 6.4 is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO V620
Versions	Default: affected Version Contact your AMD Customer Engineering representative is unaffected

References

Problem Types

CWE-1304 Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation CWE