Bug 2224044 (CVE-2023-20562)

Summary: CVE-2023-20562 hw: amd: uProf allow unsigned driver to load
Product: [Other] Security Response Reporter: Rohit Keshri <rkeshri>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: acaringi, allarkin, bhu, chwhite, crwood, dbohanno, ddepaula, debarbos, dvlasenk, ezulian, hkrzesin, jarod, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, ldoskova, lgoncalv, lleshchi, lzampier, nmurray, ptalbert, qzhao, rrobaina, rvrbovsk, rysulliv, scweaver, security-response-team, tglozar, tyberry, walters, wcosta, williams, wmealing, ycote, ymankad
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver, potentially leading to arbitrary kernel execution.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-08-08 21:38:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2224053    

Description Rohit Keshri 2023-07-19 16:30:56 UTC 
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.

AMD μProf (“MICRO-prof”) is a software profiling analysis tool for x86 applications running on Windows, Linux and FreeBSD operating systems and provides event information unique to the AMD “Zen”-based processors and AMD INSTINCTTM MI Series accelerators. AMD μProf enables the developer to better understand application performance and evaluate potential improvements.

Refer:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7003.html
Comment 5 Product Security DevOps Team 2023-08-08 21:38:12 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-20562