All the vulnerabilites related to AMD - AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4
cve-2023-20593
Vulnerability from cvelistv5
Published
2023-07-24 19:38
Modified
2024-11-19 16:08
Severity ?
EPSS score ?
Summary
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:05:45.858Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008" }, { "tags": [ "x_transferred" ], "url": "http://xenbits.xen.org/xsa/advisory-433.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/24/3" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/43" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/5" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/6" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/1" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/13" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/17" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/12" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/16" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/14" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/25/15" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/26/1" }, { "tags": [ "x_transferred" ], "url": "https://cmpxchg8b.com/zenbleed.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5459" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5462" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5461" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/31/2" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/08/7" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/08/8" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/08/6" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/16/4" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/16/5" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/9" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/11" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240531-0004/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-20593", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T16:07:50.725588Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-209", "description": "CWE-209 Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-19T16:08:15.479Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "Ryzen\u2122 3000 Series Desktop Processors \u201cMatisse\u201d AM4", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics \u201cRenoir\u201d AM4", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "3rd Gen AMD Ryzen\u2122 Threadripper\u2122 Processors \u201cCastle Peak\u201d HEDT", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various" } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "Ryzen\u2122 Threadripper\u2122 PRO Processors \u201cCastle Peak\u201d WS SP3", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "Ryzen\u2122 5000 Series Mobile processors with Radeon\u2122 Graphics \u201cLucienne\u201d", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "Ryzen\u2122 4000 Series Mobile processors with Radeon\u2122 Graphics \u201cRenoir\u201d", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "Ryzen\u2122 7020 Series processors \u201cMendocino\u201d FT6", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "\u00b5code / AGESA\u2122 firmware", "platforms": [ "x86" ], "product": "2nd Gen AMD EPYC\u2122 Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] } ], "datePublic": "2023-07-24T19:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(248, 249, 250);\"\u003eAn issue in \u201cZen 2\u201d CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\u003c/span\u003e\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "\nAn issue in \u201cZen 2\u201d CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\n\n\n\n\n\n\n" } ], "providerMetadata": { "dateUpdated": "2023-07-24T19:39:41.259Z", "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008" }, { "url": "http://xenbits.xen.org/xsa/advisory-433.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/24/3" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/43" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/5" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/6" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/1" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/13" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/17" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/12" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/16" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/14" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/25/15" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/26/1" }, { "url": "https://cmpxchg8b.com/zenbleed.html" }, { "url": "https://www.debian.org/security/2023/dsa-5459" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html" }, { "url": "https://www.debian.org/security/2023/dsa-5462" }, { "url": "https://www.debian.org/security/2023/dsa-5461" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/31/2" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/" }, { "url": "http://www.openwall.com/lists/oss-security/2023/08/08/7" }, { "url": "http://www.openwall.com/lists/oss-security/2023/08/08/8" }, { "url": "http://www.openwall.com/lists/oss-security/2023/08/08/6" }, { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/4" }, { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/5" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/22/9" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/22/11" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7" }, { "url": "https://security.netapp.com/advisory/ntap-20240531-0004/" } ], "source": { "advisory": "AMD-SB-7008", "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "assignerShortName": "AMD", "cveId": "CVE-2023-20593", "datePublished": "2023-07-24T19:38:43.385Z", "dateReserved": "2022-10-27T18:53:39.762Z", "dateUpdated": "2024-11-19T16:08:15.479Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }