CVE-2023-31347

Summary

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  

Affected Software

VendorProductVersion RangeStatus
AMD3rd Gen AMD EPYC™ Processorsvariousaffected
AMD4th Gen AMD EPYC™ Processorsvariousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References