{"cve":{"cve_id":"CVE-2023-31324","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00101,"epss_percentile":0.01083,"epss_as_of":"2026-06-23","description":"A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.","published_at":"2026-02-11T14:34:54.024000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":7.1,"cvss_v4_vector":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L","cvss_v4_severity":"HIGH","ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-367"],"nvd_references":["https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:30:25.178791Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"H","value_label":"High"},{"metric":"SA","name":"Availability (Subsequent System)","value":"L","value_label":"Low"}]},"affected":[{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-instinct-mi210","product_name":"AMD Instinct™ MI210","version_start":"ROCm 6.4","version_start_inclusive":true,"version_end":"ROCm 6.4","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-instinct-mi210:ROCm 6.4:ROCm 6.4"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-instinct-mi250","product_name":"AMD Instinct™ MI250","version_start":"ROCm 6.4","version_start_inclusive":true,"version_end":"ROCm 6.4","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-instinct-mi250:ROCm 6.4:ROCm 6.4"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-instinct-mi300a","product_name":"AMD Instinct™ MI300A","version_start":"ROCm 6.4","version_start_inclusive":true,"version_end":"ROCm 6.4","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-instinct-mi300a:ROCm 6.4:ROCm 6.4"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-instinct-mi300x","product_name":"AMD Instinct™ MI300X","version_start":"ROCm 6.4","version_start_inclusive":true,"version_end":"ROCm 6.4","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-instinct-mi300x:ROCm 6.4:ROCm 6.4"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-radeon-pro-w5000-series-graphics-products","product_name":"AMD Radeon™ PRO W5000 Series Graphics Products","version_start":"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)","version_start_inclusive":true,"version_end":"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-radeon-pro-w5000-series-graphics-products:AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10):AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-radeon-rx-5000-series-graphics-products","product_name":"AMD Radeon™ RX 5000 Series Graphics Products","version_start":"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)","version_start_inclusive":true,"version_end":"AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-radeon-rx-5000-series-graphics-products:AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10):AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-02-11T14:34:54.024000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:28:10.983340Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:28:10.983340Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:28:10.983340Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:30:25.178791Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:30:25.178791Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:30:25.178791Z","label":"SSVC decision revised","source":"vulnrichment"}]}