5.6
CVE-2023-20585
- EPSS 0.02%
- Veröffentlicht 16.04.2026 18:42:28
- Zuletzt bearbeitet 17.04.2026 15:14:05
- Quelle psirt@amd.com
- CVE-Watchlists
- Unerledigt
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerAMD
≫
Produkt
AMD EPYC™ 7003 Series Processors
Default Statusaffected
Version
SEV FW 1.37.23
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ 9004 Series Processors
Default Statusaffected
Version
SEV FW 1.37.31
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 7003 Series Processors
Default Statusaffected
Version
EmbMilanPI-SP3 1.0.0.B
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 9004 Series Processors
Default Statusaffected
Version
EmbGenoaPI-1.0.0.A
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.043 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@amd.com | 5.6 | 0 | 0 |
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-788 Access of Memory Location After End of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.