Lucene search

[email protected]CVE-2023-20588

HistoryAug 08, 2023 - 6:15 p.m.

CVE-2023-20588

2023-08-0818:15:11

CWE-369

[email protected]

web.nvd.nist.gov

185

cve-2023-20588

amd processors

division-by-zero error

speculative data leakage

confidentiality loss

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.9%

JSON

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

Affected configurations

NVD

Node

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

debiandebian_linuxMatch12.0

Node

amdepyc_7351p_firmwareMatch-

AND

amdepyc_7351pMatch-

Node

amdepyc_7401p_firmwareMatch-

AND

amdepyc_7401pMatch-

Node

amdepyc_7551p_firmwareMatch-

AND

amdepyc_7551pMatch-

Node

amdepyc_7251_firmwareMatch-

AND

amdepyc_7251Match-

Node

amdepyc_7261_firmwareMatch-

AND

amdepyc_7261Match-

Node

amdepyc_7281_firmwareMatch-

AND

amdepyc_7281Match-

Node

amdepyc_7301_firmwareMatch-

AND

amdepyc_7301Match-

Node

amdepyc_7351_firmwareMatch-

AND

amdepyc_7351Match-

Node

amdepyc_7371_firmwareMatch-

AND

amdepyc_7371Match-

Node

amdepyc_7401_firmwareMatch-

AND

amdepyc_7401Match-

Node

amdepyc_7451_firmwareMatch-

AND

amdepyc_7451Match-

Node

amdepyc_7501_firmwareMatch-

AND

amdepyc_7501Match-

Node

amdepyc_7551_firmwareMatch-

AND

amdepyc_7551Match-

Node

amdepyc_7571_firmwareMatch-

AND

amdepyc_7571Match-

Node

amdepyc_7601_firmwareMatch-

AND

amdepyc_7601Match-

Node

amdryzen_5_pro_3400g_firmwareMatch-

AND

amdryzen_5_pro_3400gMatch-

Node

amdryzen_5_3400g_firmwareMatch-

AND

amdryzen_5_3400gMatch-

Node

amdryzen_5_pro_3400ge_firmwareMatch-

AND

amdryzen_5_pro_3400geMatch-

Node

amdryzen_5_pro_3350g_firmwareMatch-

AND

amdryzen_5_pro_3350gMatch-

Node

amdryzen_5_pro_3350ge_firmwareMatch-

AND

amdryzen_5_pro_3350geMatch-

Node

amdryzen_3_pro_3200g_firmwareMatch-

AND

amdryzen_3_pro_3200gMatch-

Node

amdryzen_3_3200g_firmwareMatch-

AND

amdryzen_3_3200gMatch-

Node

amdryzen_3_3200ge_firmwareMatch-

AND

amdryzen_3_3200geMatch-

Node

amdryzen_3_pro_3200ge_firmwareMatch-

AND

amdryzen_3_pro_3200geMatch-

Node

amdathlon_pro_300ge_firmwareMatch-

AND

amdathlon_pro_300geMatch-

Node

amdathlon_gold_3150ge_firmwareMatch-

AND

amdathlon_gold_3150geMatch-

Node

amdathlon_gold_pro_3150ge_firmwareMatch-

AND

amdathlon_gold_pro_3150geMatch-

Node

amdathlon_gold_3150g_firmwareMatch-

AND

amdathlon_gold_3150gMatch-

Node

amdathlon_gold_pro_3150g_firmwareMatch-

AND

amdathlon_gold_pro_3150gMatch-

Node

amdathlon_silver_3050ge_firmwareMatch-

AND

amdathlon_silver_3050geMatch-

Node

amdathlon_silver_pro_3125ge_firmwareMatch-

AND

amdathlon_silver_pro_3125geMatch-

Node

xenxenMatch-

Node

fedoraprojectfedoraMatch37

fedoraprojectfedoraMatch38

fedoraprojectfedoraMatch39

Node

microsoftwindows_10_1507Range<10.0.10240.20345

microsoftwindows_10_1607Range<10.0.14393.6529

microsoftwindows_10_1809Range<10.0.17763.5206

microsoftwindows_10_21h2Range<10.0.19044.3803

microsoftwindows_10_22h2Range<10.0.19045.3803

microsoftwindows_11_21h2Range<10.0.22000.2652

microsoftwindows_11_22h2Range<10.0.22621.2861

microsoftwindows_11_23h2Range<10.0.22631.2861

microsoftwindows_server_2008Match-sp2

microsoftwindows_server_2008Matchr2sp1x64

microsoftwindows_server_2012Match-

microsoftwindows_server_2012Matchr2

microsoftwindows_server_2016Range<10.0.14393.6529

microsoftwindows_server_2019Range<10.0.17763.5206

microsoftwindows_server_2022_23h2Range<10.0.25398.584

CPENameOperatorVersion
debian:debian_linuxdebian debian linuxeq10.0
debian:debian_linuxdebian debian linuxeq11.0
debian:debian_linuxdebian debian linuxeq12.0

CPE	Name	Operator	Version
debian:debian_linux	debian debian linux	eq	10.0
debian:debian_linux	debian debian linux	eq	11.0
debian:debian_linux	debian debian linux	eq	12.0

CNA Affected

[
  {
    "defaultStatus": "affected",
    "packageName": " ",
    "platforms": [
      "x86"
    ],
    "product": "EPYC™ 7001 Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Processors with Radeon™ Graphics ",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": " ",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics ",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "Various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ PRO 3000 Series Processors with Radeon™ Vega Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]