CVE-2023-20585

Summary

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 7003 Series ProcessorsSEV FW 1.37.23unaffected
AMDAMD EPYC™ 9004 Series ProcessorsSEV FW 1.37.31unaffected
AMDAMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 1.0.0.Bunaffected
AMDAMD EPYC™ Embedded 9004 Series ProcessorsEmbGenoaPI-1.0.0.Aunaffected

Weaknesses

  • CWE-788: CWE-788 Access of Memory Location After End of Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References