CVE-2023-20592

Advisory lineage Upstream: 0 Downstream: 16

Downstream

DEBIAN-CVE-2023-20592 OPENSUSE-SU-2024:13475-1 OPENSUSE-SU-2025:14772-1 RHSA-2024:0753 RHSA-2024:0978 RHSA-2024:0979

Modified

Published: 14 Nov 2023, 18:54

Last modified:11 Oct 2024, 18:07

Vulnerability Summary

Overall Risk (default)

medium

26/100

CVSS Score

6.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.36% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

14 Nov 2023, 18:54

Published

Vulnerability first disclosed

11 Oct 2024, 18:07

Last Modified

Vulnerability information updated

Description

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.

CVSS Metrics

v3.1•MEDIUM•Score: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS Trends

Current EPSS score: 0.36%• Percentile: 58%

Affected Systems

amd•1st gen amd epyc™ processors
various
amd•2nd gen amd epyc™ processors
various
amd•3rd gen amd epyc™ processors
various
amd•epyc_7001_firmware
na
amd•epyc_7203_firmware
< milanpi_1.0.0.c
amd•epyc_7203p_firmware
< milanpi_1.0.0.c
amd•epyc_7232p_firmware
na
amd•epyc_7251_firmware
na
amd•epyc_7252_firmware
na
amd•epyc_7261_firmware
na
amd•epyc_7262_firmware
na
amd•epyc_7272_firmware
na
amd•epyc_7281_firmware
na
amd•epyc_7282_firmware
na
amd•epyc_72f3_firmware
< milanpi_1.0.0.c
amd•epyc_7301_firmware
na
amd•epyc_7302_firmware
na
amd•epyc_7302p_firmware
na
amd•epyc_7303_firmware
< milanpi_1.0.0.c
amd•epyc_7303p_firmware
< milanpi_1.0.0.c
amd•epyc_7313_firmware
< milanpi_1.0.0.c
amd•epyc_7313p_firmware
< milanpi_1.0.0.c
amd•epyc_7343_firmware
< milanpi_1.0.0.c
amd•epyc_7351_firmware
na
amd•epyc_7351p_firmware
na
amd•epyc_7352_firmware
na
amd•epyc_7371_firmware
na
amd•epyc_7373x_firmware
< milanpi_1.0.0.c
amd•epyc_73f3_firmware
< milanpi_1.0.0.c
amd•epyc_7401_firmware
na
amd•epyc_7401p_firmware
na
amd•epyc_7402_firmware
na
amd•epyc_7402p_firmware
na
amd•epyc_7413_firmware
< milanpi_1.0.0.c
amd•epyc_7443_firmware
< milanpi_1.0.0.c
amd•epyc_7443p_firmware
< milanpi_1.0.0.c
amd•epyc_7451_firmware
na
amd•epyc_7452_firmware
na
amd•epyc_7453_firmware
< milanpi_1.0.0.c
amd•epyc_7473x_firmware
< milanpi_1.0.0.c
amd•epyc_74f3_firmware
< milanpi_1.0.0.c
amd•epyc_7501_firmware
na
amd•epyc_7502_firmware
na
amd•epyc_7502p_firmware
na
amd•epyc_7513_firmware
< milanpi_1.0.0.c
amd•epyc_7532_firmware
na
amd•epyc_7542_firmware
na
amd•epyc_7543_firmware
< milanpi_1.0.0.c
amd•epyc_7543p_firmware
< milanpi_1.0.0.c
amd•epyc_7551_firmware
na

Showing first 50 affected entries in server-rendered view.

References (1)

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3005