CVE-2023-20566

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.

Published: Nov 14, 2023
Updated: Jun 19, 2024
CVE: CVE-2023-20566
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
amd / epyc_7763_firmware	-	milanpi_1.0.0.b
amd / epyc_7713p_firmware	-	milanpi_1.0.0.b
amd / epyc_7713_firmware	-	milanpi_1.0.0.b
amd / epyc_7663p_firmware	-	milanpi_1.0.0.b
amd / epyc_7663_firmware	-	milanpi_1.0.0.b
amd / epyc_7643p_firmware	-	milanpi_1.0.0.b
amd / epyc_7773x_firmware	-	milanpi_1.0.0.b
amd / epyc_7643_firmware	-	milanpi_1.0.0.b
amd / epyc_7573x_firmware	-	milanpi_1.0.0.b
amd / epyc_75f3_firmware	-	milanpi_1.0.0.b
amd / epyc_7543p_firmware	-	milanpi_1.0.0.b
amd / epyc_7543_firmware	-	milanpi_1.0.0.b
amd / epyc_7513_firmware	-	milanpi_1.0.0.b
amd / epyc_7473x_firmware	-	milanpi_1.0.0.b
amd / epyc_7453_firmware	-	milanpi_1.0.0.b
amd / epyc_74f3_firmware	-	milanpi_1.0.0.b
amd / epyc_7443p_firmware	-	milanpi_1.0.0.b
amd / epyc_7443_firmware	-	milanpi_1.0.0.b
amd / epyc_7413_firmware	-	milanpi_1.0.0.b
amd / epyc_7373x_firmware	-	milanpi_1.0.0.b
amd / epyc_73f3_firmware	-	milanpi_1.0.0.b
amd / epyc_7343_firmware	-	milanpi_1.0.0.b
amd / epyc_7313p_firmware	-	milanpi_1.0.0.b
amd / epyc_7313_firmware	-	milanpi_1.0.0.b
amd / epyc_7303p_firmware	-	milanpi_1.0.0.b
amd / epyc_7303_firmware	-	milanpi_1.0.0.b
amd / epyc_72f3_firmware	-	milanpi_1.0.0.b
amd / epyc_7203p_firmware	-	milanpi_1.0.0.b
amd / epyc_7203_firmware	-	milanpi_1.0.0.b
amd / epyc_9654p_firmware	-	genoapi_1.0.0.7
amd / epyc_9654_firmware	-	genoapi_1.0.0.7
amd / epyc_9634_firmware	-	genoapi_1.0.0.7
amd / epyc_9554p_firmware	-	genoapi_1.0.0.7
amd / epyc_9554_firmware	-	genoapi_1.0.0.7
amd / epyc_9534_firmware	-	genoapi_1.0.0.7
amd / epyc_9474f_firmware	-	genoapi_1.0.0.7
amd / epyc_9454p_firmware	-	genoapi_1.0.0.7
amd / epyc_9454_firmware	-	genoapi_1.0.0.7
amd / epyc_9374f_firmware	-	genoapi_1.0.0.7
amd / epyc_9354p_firmware	-	genoapi_1.0.0.7
amd / epyc_9354_firmware	-	genoapi_1.0.0.7
amd / epyc_9334_firmware	-	genoapi_1.0.0.7
amd / epyc_9274f_firmware	-	genoapi_1.0.0.7
amd / epyc_9254_firmware	-	genoapi_1.0.0.7
amd / epyc_9224_firmware	-	genoapi_1.0.0.7
amd / epyc_9174f_firmware	-	genoapi_1.0.0.7
amd / epyc_9124_firmware	-	genoapi_1.0.0.7
amd / epyc_9684x_firmware	-	genoapi_1.0.0.7
amd / epyc_9384x_firmware	-	genoapi_1.0.0.7
amd / epyc_9184x_firmware	-	genoapi_1.0.0.7
amd / epyc_9754_firmware	-	genoapi_1.0.0.7
amd / epyc_9754s_firmware	-	genoapi_1.0.0.7
amd / epyc_9734_firmware	-	genoapi_1.0.0.7
amd / epyc_8534p_firmware	-	genoapi_1.0.0.7
amd / epyc_8534pn_firmware	-	genoapi_1.0.0.7
amd / epyc_8434p_firmware	-	genoapi_1.0.0.7
amd / epyc_8434pn_firmware	-	genoapi_1.0.0.7
amd / epyc_8324p_firmware	-	genoapi_1.0.0.7
amd / epyc_8324pn_firmware	-	genoapi_1.0.0.7
amd / epyc_8224p_firmware	-	genoapi_1.0.0.7
amd / epyc_8224pn_firmware	-	genoapi_1.0.0.7
amd / epyc_8124p_firmware	-	genoapi_1.0.0.7
amd / epyc_8124pn_firmware	-	genoapi_1.0.0.7
amd / epyc_8024p_firmware	-	genoapi_1.0.0.7
amd / epyc_8024pn_firmware	-	genoapi_1.0.0.7

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002

Vulnerability Database

289,598

CVE-2023-20566