Lucene search
AmazonALAS-2023-1819HistoryAug 30, 2023 - 5:56 p.m.
Medium: kernel
2023-08-3017:56:00
alas.aws.amazon.com
26
amd processors
speculative data
confidentiality
cve-2023-20588
update
red hat
mitre
unix
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
17.6%
Issue Overview:
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. (CVE-2023-20588)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
New Packages:
i686:
kernel-4.14.322-170.538.amzn1.i686
kernel-headers-4.14.322-170.538.amzn1.i686
perf-4.14.322-170.538.amzn1.i686
perf-debuginfo-4.14.322-170.538.amzn1.i686
kernel-tools-4.14.322-170.538.amzn1.i686
kernel-debuginfo-common-i686-4.14.322-170.538.amzn1.i686
kernel-tools-devel-4.14.322-170.538.amzn1.i686
kernel-debuginfo-4.14.322-170.538.amzn1.i686
kernel-tools-debuginfo-4.14.322-170.538.amzn1.i686
kernel-devel-4.14.322-170.538.amzn1.i686
src:
kernel-4.14.322-170.538.amzn1.src
x86_64:
kernel-debuginfo-common-x86_64-4.14.322-170.538.amzn1.x86_64
kernel-tools-devel-4.14.322-170.538.amzn1.x86_64
kernel-tools-debuginfo-4.14.322-170.538.amzn1.x86_64
perf-4.14.322-170.538.amzn1.x86_64
kernel-headers-4.14.322-170.538.amzn1.x86_64
kernel-tools-4.14.322-170.538.amzn1.x86_64
kernel-4.14.322-170.538.amzn1.x86_64
kernel-debuginfo-4.14.322-170.538.amzn1.x86_64
kernel-devel-4.14.322-170.538.amzn1.x86_64
perf-debuginfo-4.14.322-170.538.amzn1.x86_64
Additional References
Red Hat: CVE-2023-20588
Mitre: CVE-2023-20588
Related
prion
prion
Design/Logic Flaw
2023-08-08 18:15:00
osv
osv
CVE-2023-20588
2023-08-08 18:15:11
linux-aws vulnerabilities
2024-01-10 22:36:53
linux-oem-6.1 vulnerabilities
2023-09-19 17:42:59
cvelist
cvelist
CVE-2023-20588 Speculative Leaks
2023-08-08 17:06:30
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2023-1819)
2023-09-11 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2023-052)
2023-09-06 00:00:00
Amazon Linux 2 : kernel (ALAS-2023-2232)
2023-09-08 00:00:00
amazon
amazon
Medium: kernel
2023-08-31 22:29:00
ubuntucve
ubuntucve
CVE-2023-20588
2023-08-08 00:00:00
xen
xen
x86/AMD: Divide speculative information leak
2023-09-25 16:03:00
cve
cve
CVE-2023-20588
2023-08-08 18:15:11
nvd
nvd
CVE-2023-20588
2023-08-08 18:15:11
mscve
mscve
AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice
2023-12-12 08:00:00
redhatcve
redhatcve
CVE-2023-20588
2023-08-08 18:19:38
amd
amd
Speculative Leaks Security Notice
2023-08-08 00:00:00
veracode
veracode
Information Disclosure
2023-10-02 17:15:30
debiancve
debiancve
CVE-2023-20588
2023-08-08 18:15:11
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2023-09-19 00:00:00
Linux kernel (AWS) vulnerabilities
2024-01-10 00:00:00
Linux kernel vulnerabilities
2023-09-26 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6577-1)
2024-01-11 00:00:00
openSUSE: Security Advisory for xen (SUSE-SU-2023:3832-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for xen (SUSE-SU-2023:3831-1)
2024-03-04 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: xen-4.16.5-2.fc37
2023-10-12 01:18:17
[SECURITY] Fedora 38 Update: xen-4.17.2-2.fc38
2023-09-30 03:35:43
[SECURITY] Fedora 39 Update: xen-4.17.2-2.fc39
2023-10-03 00:20:43
malwarebytes
malwarebytes
Microsoft patches 34 vulnerabilities, including one zero-day
2023-12-13 16:39:23
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-10-10 00:00:00
Unbreakable Enterprise kernel-container security update
2023-10-13 00:00:00
Unbreakable Enterprise kernel-container security update
2023-10-13 00:00:00
citrix
citrix
Citrix Hypervisor Multiple Security Updates
2023-10-10 14:57:16
mskb
mskb
December 12, 2023—KB5033422 (Monthly Rollup)
2023-12-12 08:00:00
December 12, 2023—KB5033427 (Security-only update)
2023-12-12 08:00:00
December 12, 2023—KB5033424 (Security-only update)
2023-12-12 08:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, December 2023 Security Update Review
2023-12-12 20:01:33
kaspersky
kaspersky
KLA62389 Multiple vulnerabilities in Microsoft Products (ESU)
2023-12-12 00:00:00
KLA62388 Multiple vulnerabilities in Microsoft Windows
2023-12-12 00:00:00
debian
debian
[SECURITY] [DSA 5492-1] linux security update
2023-09-09 21:40:04
[SECURITY] [DSA 5480-1] linux security update
2023-08-18 19:01:58
rapid7blog
rapid7blog
Patch Tuesday - December 2023
2023-12-12 21:06:54
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
17.6%
Related for ALAS-2023-1819