CVE-2023-20588

EPSS 6.11%
Published 08.08.2023 18:15:11
Last modified 21.11.2024 07:41:10
Source psirt@amd.com
Teams watchlist Login
Open Login

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

Affected products Warnungen 0 Metrics 2 CWE 1 References 31

Data is provided by the National Vulnerability Database (NVD)

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Debian ≫ Debian Linux Version12.0

Amd ≫ Epyc 7351p Firmware Version-

Amd ≫ Epyc 7351p Version-

Amd ≫ Epyc 7401p Firmware Version-

Amd ≫ Epyc 7401p Version-

Amd ≫ Epyc 7551p Firmware Version-

Amd ≫ Epyc 7551p Version-

Amd ≫ Epyc 7251 Firmware Version-

Amd ≫ Epyc 7251 Version-

Amd ≫ Epyc 7261 Firmware Version-

Amd ≫ Epyc 7261 Version-

Amd ≫ Epyc 7281 Firmware Version-

Amd ≫ Epyc 7281 Version-

Amd ≫ Epyc 7301 Firmware Version-

Amd ≫ Epyc 7301 Version-

Amd ≫ Epyc 7351 Firmware Version-

Amd ≫ Epyc 7351 Version-

Amd ≫ Epyc 7371 Firmware Version-

Amd ≫ Epyc 7371 Version-

Amd ≫ Epyc 7401 Firmware Version-

Amd ≫ Epyc 7401 Version-

Amd ≫ Epyc 7451 Firmware Version-

Amd ≫ Epyc 7451 Version-

Amd ≫ Epyc 7501 Firmware Version-

Amd ≫ Epyc 7501 Version-

Amd ≫ Epyc 7551 Firmware Version-

Amd ≫ Epyc 7551 Version-

Amd ≫ Epyc 7571 Firmware Version-

Amd ≫ Epyc 7571 Version-

Amd ≫ Epyc 7601 Firmware Version-

Amd ≫ Epyc 7601 Version-

Amd ≫ Ryzen 5 Pro 3400g Firmware Version-

Amd ≫ Ryzen 5 Pro 3400g Version-

Amd ≫ Ryzen 5 3400g Firmware Version-

Amd ≫ Ryzen 5 3400g Version-

Amd ≫ Ryzen 5 Pro 3400ge Firmware Version-

Amd ≫ Ryzen 5 Pro 3400ge Version-

Amd ≫ Ryzen 5 Pro 3350g Firmware Version-

Amd ≫ Ryzen 5 Pro 3350g Version-

Amd ≫ Ryzen 5 Pro 3350ge Firmware Version-

Amd ≫ Ryzen 5 Pro 3350ge Version-

Amd ≫ Ryzen 3 Pro 3200g Firmware Version-

Amd ≫ Ryzen 3 Pro 3200g Version-

Amd ≫ Ryzen 3 3200g Firmware Version-

Amd ≫ Ryzen 3 3200g Version-

Amd ≫ Ryzen 3 3200ge Firmware Version-

Amd ≫ Ryzen 3 3200ge Version-

Amd ≫ Ryzen 3 Pro 3200ge Firmware Version-

Amd ≫ Ryzen 3 Pro 3200ge Version-

Amd ≫ Athlon Pro 300ge Firmware Version-

Amd ≫ Athlon Pro 300ge Version-

Amd ≫ Athlon Gold 3150ge Firmware Version-

Amd ≫ Athlon Gold 3150ge Version-

Amd ≫ Athlon Gold Pro 3150ge Firmware Version-

Amd ≫ Athlon Gold Pro 3150ge Version-

Amd ≫ Athlon Gold 3150g Firmware Version-

Amd ≫ Athlon Gold 3150g Version-

Amd ≫ Athlon Gold Pro 3150g Firmware Version-

Amd ≫ Athlon Gold Pro 3150g Version-

Amd ≫ Athlon Silver 3050ge Firmware Version-

Amd ≫ Athlon Silver 3050ge Version-

Amd ≫ Athlon Silver Pro 3125ge Firmware Version-

Amd ≫ Athlon Silver Pro 3125ge Version-

Xen ≫ Xen Version-

Fedoraproject ≫ Fedora Version37

Fedoraproject ≫ Fedora Version38

Fedoraproject ≫ Fedora Version39

Microsoft ≫ Windows 10 1507 Version < 10.0.10240.20345

Microsoft ≫ Windows 10 1607 Version < 10.0.14393.6529

Microsoft ≫ Windows 10 1809 Version < 10.0.17763.5206

Microsoft ≫ Windows 10 21h2 Version < 10.0.19044.3803

Microsoft ≫ Windows 10 22h2 Version < 10.0.19045.3803

Microsoft ≫ Windows 11 21h2 Version < 10.0.22000.2652

Microsoft ≫ Windows 11 22h2 Version < 10.0.22621.2861

Microsoft ≫ Windows 11 23h2 Version < 10.0.22631.2861

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1 HwPlatformx64

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version < 10.0.14393.6529

Microsoft ≫ Windows Server 2019 Version < 10.0.17763.5206

Microsoft ≫ Windows Server 2022 23h2 Version < 10.0.25398.584

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.11%	0.904

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-369 Divide By Zero

The product divides a value by zero.

https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html

Third Party Advisory

Mailing List

https://www.debian.org/security/2023/dsa-5480

Third Party Advisory

https://www.debian.org/security/2023/dsa-5492

Third Party Advisory

http://www.openwall.com/lists/oss-security/2023/09/25/4

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/25/7

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/25/3

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/25/5

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/25/8

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/26/5

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/26/8

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/26/9

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/27/1

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/03/12

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/03/13

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/03/14

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/03/15

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/03/16

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/03/9

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/04/1

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/04/2

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/04/3

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/10/04/4

Third Party Advisory

Mailing List

http://xenbits.xen.org/xsa/advisory-439.html

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/

Mailing List

https://security.netapp.com/advisory/ntap-20240531-0005/

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-20588

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-20588

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-20588

EUVD