6

CVE-2023-31355

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AmdEpyc 7203 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7203 Version-
AmdEpyc 7203p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7203p Version-
AmdEpyc 72f3 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 72f3 Version-
AmdEpyc 7303 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7303 Version-
AmdEpyc 7303p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7303p Version-
AmdEpyc 7313 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7313 Version-
AmdEpyc 7313p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7313p Version-
AmdEpyc 7343 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7343 Version-
AmdEpyc 73f3 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 73f3 Version-
AmdEpyc 7373x Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7373x Version-
AmdEpyc 7413 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7413 Version-
AmdEpyc 7443 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7443 Version-
AmdEpyc 7443p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7443p Version-
AmdEpyc 74f3 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 74f3 Version-
AmdEpyc 7453 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7453 Version-
AmdEpyc 7473x Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7473x Version-
AmdEpyc 7513 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7513 Version-
AmdEpyc 7543 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7543 Version-
AmdEpyc 7543p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7543p Version-
AmdEpyc 75f3 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 75f3 Version-
AmdEpyc 7573x Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7573x Version-
AmdEpyc 7643 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7643 Version-
AmdEpyc 7773x Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7773x Version-
AmdEpyc 7643p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7643p Version-
AmdEpyc 7663 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7663 Version-
AmdEpyc 7663p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7663p Version-
AmdEpyc 7713 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7713 Version-
AmdEpyc 7713p Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7713p Version-
AmdEpyc 7763 Firmware Version < milanpi_1.0.0.d
   AmdEpyc 7763 Version-
AmdEpyc 8024pn Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8024pn Version-
AmdEpyc 8024p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8024p Version-
AmdEpyc 8124pn Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8124pn Version-
AmdEpyc 8124p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8124p Version-
AmdEpyc 8224pn Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8224pn Version-
AmdEpyc 8224p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8224p Version-
AmdEpyc 8324pn Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8324pn Version-
AmdEpyc 8324p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8324p Version-
AmdEpyc 8434pn Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8434pn Version-
AmdEpyc 8434p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8434p Version-
AmdEpyc 8534pn Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8534pn Version-
AmdEpyc 8534p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 8534p Version-
AmdEpyc 9734 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9734 Version-
AmdEpyc 9754s Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9754s Version-
AmdEpyc 9754 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9754 Version-
AmdEpyc 9184x Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9184x Version-
AmdEpyc 9384x Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9384x Version-
AmdEpyc 9684x Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9684x Version-
AmdEpyc 9124 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9124 Version-
AmdEpyc 9174f Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9174f Version-
AmdEpyc 9224 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9224 Version-
AmdEpyc 9254 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9254 Version-
AmdEpyc 9274f Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9274f Version-
AmdEpyc 9334 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9334 Version-
AmdEpyc 9354 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9354 Version-
AmdEpyc 9354p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9354p Version-
AmdEpyc 9374f Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9374f Version-
AmdEpyc 9454 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9454 Version-
AmdEpyc 9454p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9454p Version-
AmdEpyc 9474f Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9474f Version-
AmdEpyc 9534 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9534 Version-
AmdEpyc 9554 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9554 Version-
AmdEpyc 9554p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9554p Version-
AmdEpyc 9634 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9634 Version-
AmdEpyc 9654 Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9654 Version-
AmdEpyc 9654p Firmware Version < genoapi_1.0.0.c
   AmdEpyc 9654p Version-
AmdEpyc Embedded 7313 Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7313 Version-
AmdEpyc Embedded 7313p Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7313p Version-
AmdEpyc Embedded 7413 Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7413 Version-
AmdEpyc Embedded 7443 Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7443 Version-
AmdEpyc Embedded 7443p Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7443p Version-
AmdEpyc Embedded 7543 Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7543 Version-
AmdEpyc Embedded 7543p Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7543p Version-
AmdEpyc Embedded 7643 Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7643 Version-
AmdEpyc Embedded 7713 Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7713 Version-
AmdEpyc Embedded 7713p Firmware Version < embmilanpi-sp3_1.0.0.9
   AmdEpyc Embedded 7713p Version-
AmdEpyc Embedded 9124 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9124 Version-
AmdEpyc Embedded 9254 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9254 Version-
AmdEpyc Embedded 9354 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9354 Version-
AmdEpyc Embedded 9354p Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9354p Version-
AmdEpyc Embedded 9454 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9454 Version-
AmdEpyc Embedded 9454p Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9454p Version-
AmdEpyc Embedded 9534 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9534 Version-
AmdEpyc Embedded 9554 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9554 Version-
AmdEpyc Embedded 9554p Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9554p Version-
AmdEpyc Embedded 9654 Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9654 Version-
AmdEpyc Embedded 9654p Firmware Version < embgenoapi-sp5_1.0.0.7
   AmdEpyc Embedded 9654p Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.93% 0.753
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
psirt@amd.com 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.