CVE-2023-20588

Summary

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 

Affected Software

VendorProductVersion RangeStatus
AMDEPYC™ 7001 Processorsvariousaffected
AMDAthlon™ 3000 Series Processors with Radeon™ Graphicsvariousaffected
AMDRyzen™ 3000 Series Processors with Radeon™ Graphicsvariousaffected
AMDAthlon™ PRO 3000 Series Processors with Radeon™ Vega GraphicsVariousaffected
AMDRyzen™ PRO 3000 Series Processors with Radeon™ Vega Graphicsvariousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References