4.4
CVE-2023-31356
- EPSS 0.03%
- Veröffentlicht 13.08.2024 17:15:21
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle psirt@amd.com
- CVE-Watchlists
- Unerledigt
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerAMD
≫
Produkt
AMD EPYC™ 7003 Processors
Default Statusaffected
Version
MilanPI 1.0.0.C
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ 9004 Processors
Default Statusaffected
Version
GenoaPI 1.0.0.B
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 7003
Default Statusaffected
Version
"EmbMilanPI-SP3 1.0.0.8"
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 9004
Default Statusaffected
Version
EmbGenoaPI-SP5 1.0.0.6
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.088 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@amd.com | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
|
CWE-459 Incomplete Cleanup
The product does not properly "clean up" and remove temporary or supporting resources after they have been used.