CVE-2023-20519

Summary

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.

Affected Software

VendorProductVersion RangeStatus
AMD3rd Gen AMD EPYC™ Processorsvariousaffected
AMD4th Gen AMD EPYC™ Processorsvariousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References