CVE-2022-23818

EPSS 0.09%
Published 09.05.2023 19:15:11
Last modified 28.01.2025 16:15:33
Source psirt@amd.com
Teams watchlist Login
Open Login

Insufficient input validation on the model
specific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guest
memory integrity.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Amd ≫ Epyc 72f3 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 72f3 Version-

Amd ≫ Epyc 7313 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7313 Version-

Amd ≫ Epyc 7313p Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7313p Version-

Amd ≫ Epyc 7343 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7343 Version-

Amd ≫ Epyc 7373x Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7373x Version-

Amd ≫ Epyc 73f3 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 73f3 Version-

Amd ≫ Epyc 7413 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7413 Version-

Amd ≫ Epyc 7443 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7443 Version-

Amd ≫ Epyc 7443p Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7443p Version-

Amd ≫ Epyc 7453 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7453 Version-

Amd ≫ Epyc 7473x Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7473x Version-

Amd ≫ Epyc 74f3 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 74f3 Version-

Amd ≫ Epyc 7513 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7513 Version-

Amd ≫ Epyc 7543 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7543 Version-

Amd ≫ Epyc 7543p Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7543p Version-

Amd ≫ Epyc 7573x Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7573x Version-

Amd ≫ Epyc 75f3 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 75f3 Version-

Amd ≫ Epyc 7643 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7643 Version-

Amd ≫ Epyc 7663 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7663 Version-

Amd ≫ Epyc 7713 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7713 Version-

Amd ≫ Epyc 7713p Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7713p Version-

Amd ≫ Epyc 7763 Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7763 Version-

Amd ≫ Epyc 7773x Firmware Versionmilanpi_1.0.0.9

Amd ≫ Epyc 7773x Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.235

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-23818

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23818

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23818

EUVD