CVE-2023-20593

Exploit

EPSS 6.32%
Veröffentlicht 24.07.2023 20:15:10
Zuletzt bearbeitet 13.02.2025 17:16:01
Quelle psirt@amd.com
Teams Watchlist Login
Unerledigt Login

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 38

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Xen ≫ Xen Version4.14.0 HwPlatformx86

Xen ≫ Xen Version4.15.0 HwPlatformx86

Xen ≫ Xen Version4.16.0 HwPlatformx86

Xen ≫ Xen Version4.17.0 HwPlatformx86

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Debian ≫ Debian Linux Version12.0

Amd ≫ Ryzen 3 3100 Firmware Version-

Amd ≫ Ryzen 3 3100 Version-

Amd ≫ Ryzen 3 3300x Firmware Version-

Amd ≫ Ryzen 3 3300x Version-

Amd ≫ Ryzen 5 3500 Firmware Version-

Amd ≫ Ryzen 5 3500 Version-

Amd ≫ Ryzen 5 3500x Firmware Version-

Amd ≫ Ryzen 5 3500x Version-

Amd ≫ Ryzen 5 3600 Firmware Version-

Amd ≫ Ryzen 5 3600 Version-

Amd ≫ Ryzen 5 3600x Firmware Version-

Amd ≫ Ryzen 5 3600x Version-

Amd ≫ Ryzen 5 3600xt Firmware Version-

Amd ≫ Ryzen 5 3600xt Version-

Amd ≫ Ryzen 7 3700x Firmware Version-

Amd ≫ Ryzen 7 3700x Version-

Amd ≫ Ryzen 7 3800x Firmware Version-

Amd ≫ Ryzen 7 3800x Version-

Amd ≫ Ryzen 7 3800xt Firmware Version-

Amd ≫ Ryzen 7 3800xt Version-

Amd ≫ Ryzen 9 3900 Firmware Version-

Amd ≫ Ryzen 9 3900 Version-

Amd ≫ Ryzen 9 3900x Firmware Version-

Amd ≫ Ryzen 9 3900x Version-

Amd ≫ Ryzen 9 3900xt Firmware Version-

Amd ≫ Ryzen 9 3900xt Version-

Amd ≫ Ryzen 9 3950x Firmware Version-

Amd ≫ Ryzen 9 3950x Version-

Amd ≫ Ryzen 9 Pro 3900 Firmware Version-

Amd ≫ Ryzen 9 Pro 3900 Version-

Amd ≫ Ryzen Threadripper Pro 3995wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 3995wx Version-

Amd ≫ Ryzen Threadripper Pro 3975wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 3975wx Version-

Amd ≫ Ryzen Threadripper Pro 3955wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 3955wx Version-

Amd ≫ Ryzen Threadripper Pro 3945wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 3945wx Version-

Amd ≫ Ryzen Threadripper 3990x Firmware Version-

Amd ≫ Ryzen Threadripper 3990x Version-

Amd ≫ Ryzen Threadripper 3970x Firmware Version-

Amd ≫ Ryzen Threadripper 3970x Version-

Amd ≫ Ryzen Threadripper 3960x Firmware Version-

Amd ≫ Ryzen Threadripper 3960x Version-

Amd ≫ Ryzen 7 4700g Firmware Version-

Amd ≫ Ryzen 7 4700g Version-

Amd ≫ Ryzen 7 4700ge Firmware Version-

Amd ≫ Ryzen 7 4700ge Version-

Amd ≫ Ryzen 5 4600g Firmware Version-

Amd ≫ Ryzen 5 4600g Version-

Amd ≫ Ryzen 5 4600ge Firmware Version-

Amd ≫ Ryzen 5 4600ge Version-

Amd ≫ Ryzen 3 4300g Firmware Version-

Amd ≫ Ryzen 3 4300g Version-

Amd ≫ Ryzen 3 4300ge Firmware Version-

Amd ≫ Ryzen 3 4300ge Version-

Amd ≫ Ryzen 3 Pro 4450u Firmware Version-

Amd ≫ Ryzen 3 Pro 4450u Version-

Amd ≫ Ryzen 3 Pro 4350ge Firmware Version-

Amd ≫ Ryzen 3 Pro 4350ge Version-

Amd ≫ Ryzen 3 Pro 4350g Firmware Version-

Amd ≫ Ryzen 3 Pro 4350g Version-

Amd ≫ Ryzen 3 Pro 4200g Firmware Version-

Amd ≫ Ryzen 3 Pro 4200g Version-

Amd ≫ Ryzen 5 Pro 4650ge Firmware Version-

Amd ≫ Ryzen 5 Pro 4650ge Version-

Amd ≫ Ryzen 5 Pro 4650g Firmware Version-

Amd ≫ Ryzen 5 Pro 4650g Version-

Amd ≫ Ryzen 5 Pro 4400g Firmware Version-

Amd ≫ Ryzen 5 Pro 4400g Version-

Amd ≫ Ryzen 7 Pro 4750u Firmware Version-

Amd ≫ Ryzen 7 Pro 4750u Version-

Amd ≫ Ryzen 7 Pro 4750ge Firmware Version-

Amd ≫ Ryzen 7 Pro 4750ge Version-

Amd ≫ Ryzen 7 Pro 4750g Firmware Version-

Amd ≫ Ryzen 7 Pro 4750g Version-

Amd ≫ Ryzen 7 5700u Firmware Version-

Amd ≫ Ryzen 7 5700u Version-

Amd ≫ Ryzen 5 5500u Firmware Version-

Amd ≫ Ryzen 5 5500u Version-

Amd ≫ Ryzen 3 5300u Firmware Version-

Amd ≫ Ryzen 3 5300u Version-

Amd ≫ Ryzen 5 7520u Firmware Version-

Amd ≫ Ryzen 5 7520u Version-

Amd ≫ Ryzen 3 7320u Firmware Version-

Amd ≫ Ryzen 3 7320u Version-

Amd ≫ Athlon Gold 7220u Firmware Version-

Amd ≫ Athlon Gold 7220u Version-

Amd ≫ Epyc 7232p Firmware Version-

Amd ≫ Epyc 7232p Version-

Amd ≫ Epyc 7302p Firmware Version-

Amd ≫ Epyc 7302p Version-

Amd ≫ Epyc 7402p Firmware Version-

Amd ≫ Epyc 7402p Version-

Amd ≫ Epyc 7502p Firmware Version-

Amd ≫ Epyc 7502p Version-

Amd ≫ Epyc 7702p Firmware Version-

Amd ≫ Epyc 7702p Version-

Amd ≫ Epyc 7252 Firmware Version-

Amd ≫ Epyc 7252 Version-

Amd ≫ Epyc 7262 Firmware Version-

Amd ≫ Epyc 7262 Version-

Amd ≫ Epyc 7272 Firmware Version-

Amd ≫ Epyc 7272 Version-

Amd ≫ Epyc 7282 Firmware Version-

Amd ≫ Epyc 7282 Version-

Amd ≫ Epyc 7302 Firmware Version-

Amd ≫ Epyc 7302 Version-

Amd ≫ Epyc 7352 Firmware Version-

Amd ≫ Epyc 7352 Version-

Amd ≫ Epyc 7402 Firmware Version-

Amd ≫ Epyc 7402 Version-

Amd ≫ Epyc 7452 Firmware Version-

Amd ≫ Epyc 7452 Version-

Amd ≫ Epyc 7502 Firmware Version-

Amd ≫ Epyc 7502 Version-

Amd ≫ Epyc 7532 Firmware Version-

Amd ≫ Epyc 7532 Version-

Amd ≫ Epyc 7542 Firmware Version-

Amd ≫ Epyc 7542 Version-

Amd ≫ Epyc 7552 Firmware Version-

Amd ≫ Epyc 7552 Version-

Amd ≫ Epyc 7642 Firmware Version-

Amd ≫ Epyc 7642 Version-

Amd ≫ Epyc 7662 Firmware Version-

Amd ≫ Epyc 7662 Version-

Amd ≫ Epyc 7702 Firmware Version-

Amd ≫ Epyc 7702 Version-

Amd ≫ Epyc 7742 Firmware Version-

Amd ≫ Epyc 7742 Version-

Amd ≫ Epyc 7h12 Firmware Version-

Amd ≫ Epyc 7h12 Version-

Amd ≫ Epyc 7f32 Firmware Version-

Amd ≫ Epyc 7f32 Version-

Amd ≫ Epyc 7f52 Firmware Version-

Amd ≫ Epyc 7f52 Version-

Amd ≫ Epyc 7f72 Firmware Version-

Amd ≫ Epyc 7f72 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	6.32%	0.906

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html

Mailing List

https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html

https://www.debian.org/security/2023/dsa-5461

Third Party Advisory

http://seclists.org/fulldisclosure/2023/Jul/43

Not Applicable

http://www.openwall.com/lists/oss-security/2023/09/22/11

http://www.openwall.com/lists/oss-security/2023/09/22/9

http://www.openwall.com/lists/oss-security/2023/07/24/3

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/1

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/12

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/13

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/14

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/15

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/16

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/17

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/5

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/25/6

Mailing List

http://www.openwall.com/lists/oss-security/2023/07/26/1

Patch

Third Party Advisory

Mailing List

Mitigation

http://www.openwall.com/lists/oss-security/2023/07/31/2

Patch

Third Party Advisory

Mailing List

Mitigation

http://www.openwall.com/lists/oss-security/2023/08/08/6

http://www.openwall.com/lists/oss-security/2023/08/08/7

http://www.openwall.com/lists/oss-security/2023/08/08/8

http://www.openwall.com/lists/oss-security/2023/08/16/4

http://www.openwall.com/lists/oss-security/2023/08/16/5

http://www.openwall.com/lists/oss-security/2023/09/25/4

http://www.openwall.com/lists/oss-security/2023/09/25/7

http://xenbits.xen.org/xsa/advisory-433.html

Patch

Vendor Advisory

Mitigation

https://cmpxchg8b.com/zenbleed.html

Exploit

https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/

https://security.netapp.com/advisory/ntap-20240531-0004/

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008

Vendor Advisory

https://www.debian.org/security/2023/dsa-5459

Third Party Advisory

https://www.debian.org/security/2023/dsa-5462

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-20593

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-20593

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-20593

EUVD