TROYANOSYVIRUS
← Back to CVEs

CVE-2023-20593

MEDIUM
5.5

Description

An issue in β€œZen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

CVE Details

CVSS v3.1 Score5.5
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published7/24/2023
Last Modified2/13/2025
Sourcenvd
Honeypot Sightings0

Affected Products

amd:athlon_gold_7220uamd:athlon_gold_7220u_firmwareamd:epyc_7232pamd:epyc_7232p_firmwareamd:epyc_7252amd:epyc_7252_firmwareamd:epyc_7262amd:epyc_7262_firmwareamd:epyc_7272amd:epyc_7272_firmwareamd:epyc_7282amd:epyc_7282_firmwareamd:epyc_7302amd:epyc_7302_firmwareamd:epyc_7302pamd:epyc_7302p_firmwareamd:epyc_7352amd:epyc_7352_firmwareamd:epyc_7402amd:epyc_7402_firmwareamd:epyc_7402pamd:epyc_7402p_firmwareamd:epyc_7452amd:epyc_7452_firmwareamd:epyc_7502amd:epyc_7502_firmwareamd:epyc_7502pamd:epyc_7502p_firmwareamd:epyc_7532amd:epyc_7532_firmwareamd:epyc_7542amd:epyc_7542_firmwareamd:epyc_7552amd:epyc_7552_firmwareamd:epyc_7642amd:epyc_7642_firmwareamd:epyc_7662amd:epyc_7662_firmwareamd:epyc_7702amd:epyc_7702_firmwareamd:epyc_7702pamd:epyc_7702p_firmwareamd:epyc_7742amd:epyc_7742_firmwareamd:epyc_7f32amd:epyc_7f32_firmwareamd:epyc_7f52amd:epyc_7f52_firmwareamd:epyc_7f72amd:epyc_7f72_firmwareamd:epyc_7h12amd:epyc_7h12_firmwareamd:ryzen_3_3100amd:ryzen_3_3100_firmwareamd:ryzen_3_3300xamd:ryzen_3_3300x_firmwareamd:ryzen_3_4300gamd:ryzen_3_4300g_firmwareamd:ryzen_3_4300geamd:ryzen_3_4300ge_firmwareamd:ryzen_3_5300uamd:ryzen_3_5300u_firmwareamd:ryzen_3_7320uamd:ryzen_3_7320u_firmwareamd:ryzen_3_pro_4200gamd:ryzen_3_pro_4200g_firmwareamd:ryzen_3_pro_4350gamd:ryzen_3_pro_4350g_firmwareamd:ryzen_3_pro_4350geamd:ryzen_3_pro_4350ge_firmwareamd:ryzen_3_pro_4450uamd:ryzen_3_pro_4450u_firmwareamd:ryzen_5_3500amd:ryzen_5_3500_firmwareamd:ryzen_5_3500xamd:ryzen_5_3500x_firmwareamd:ryzen_5_3600amd:ryzen_5_3600_firmwareamd:ryzen_5_3600xamd:ryzen_5_3600x_firmwareamd:ryzen_5_3600xtamd:ryzen_5_3600xt_firmwareamd:ryzen_5_4600gamd:ryzen_5_4600g_firmwareamd:ryzen_5_4600geamd:ryzen_5_4600ge_firmwareamd:ryzen_5_5500uamd:ryzen_5_5500u_firmwareamd:ryzen_5_7520uamd:ryzen_5_7520u_firmwareamd:ryzen_5_pro_4400gamd:ryzen_5_pro_4400g_firmwareamd:ryzen_5_pro_4650gamd:ryzen_5_pro_4650g_firmwareamd:ryzen_5_pro_4650geamd:ryzen_5_pro_4650ge_firmwareamd:ryzen_7_3700xamd:ryzen_7_3700x_firmwareamd:ryzen_7_3800xamd:ryzen_7_3800x_firmwareamd:ryzen_7_3800xtamd:ryzen_7_3800xt_firmwareamd:ryzen_7_4700gamd:ryzen_7_4700g_firmwareamd:ryzen_7_4700geamd:ryzen_7_4700ge_firmwareamd:ryzen_7_5700uamd:ryzen_7_5700u_firmwareamd:ryzen_7_pro_4750gamd:ryzen_7_pro_4750g_firmwareamd:ryzen_7_pro_4750geamd:ryzen_7_pro_4750ge_firmwareamd:ryzen_7_pro_4750uamd:ryzen_7_pro_4750u_firmwareamd:ryzen_9_3900amd:ryzen_9_3900_firmwareamd:ryzen_9_3900xamd:ryzen_9_3900x_firmwareamd:ryzen_9_3900xtamd:ryzen_9_3900xt_firmwareamd:ryzen_9_3950xamd:ryzen_9_3950x_firmwareamd:ryzen_9_pro_3900amd:ryzen_9_pro_3900_firmwareamd:ryzen_threadripper_3960xamd:ryzen_threadripper_3960x_firmwareamd:ryzen_threadripper_3970xamd:ryzen_threadripper_3970x_firmwareamd:ryzen_threadripper_3990xamd:ryzen_threadripper_3990x_firmwareamd:ryzen_threadripper_pro_3945wxamd:ryzen_threadripper_pro_3945wx_firmwareamd:ryzen_threadripper_pro_3955wxamd:ryzen_threadripper_pro_3955wx_firmwareamd:ryzen_threadripper_pro_3975wxamd:ryzen_threadripper_pro_3975wx_firmwareamd:ryzen_threadripper_pro_3995wxamd:ryzen_threadripper_pro_3995wx_firmwaredebian:debian_linuxxen:xen

Weaknesses (CWE)

CWE-209

References

http://seclists.org/fulldisclosure/2023/Jul/43(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/24/3(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/1(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/12(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/13(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/14(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/15(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/16(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/17(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/5(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/25/6(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/26/1(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/07/31/2(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/08/08/6(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/08/08/7(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/08/08/8(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/08/16/4(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/08/16/5(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/09/22/11(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/09/22/9(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/09/25/4(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2023/09/25/7(psirt@amd.com)
http://xenbits.xen.org/xsa/advisory-433.html(psirt@amd.com)
https://cmpxchg8b.com/zenbleed.html(psirt@amd.com)
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html(psirt@amd.com)
https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html(psirt@amd.com)
https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html(psirt@amd.com)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/(psirt@amd.com)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/(psirt@amd.com)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/(psirt@amd.com)
https://security.netapp.com/advisory/ntap-20240531-0004/(psirt@amd.com)
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008(psirt@amd.com)
https://www.debian.org/security/2023/dsa-5459(psirt@amd.com)
https://www.debian.org/security/2023/dsa-5461(psirt@amd.com)
https://www.debian.org/security/2023/dsa-5462(psirt@amd.com)
http://seclists.org/fulldisclosure/2023/Jul/43(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/24/3(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/12(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/13(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/14(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/15(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/16(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/17(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/6(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/26/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/31/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/08/08/6(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/08/08/7(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/08/08/8(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/08/16/4(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/08/16/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/09/22/11(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/09/22/9(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/09/25/4(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/09/25/7(af854a3a-2127-422b-91ae-364da2661108)
http://xenbits.xen.org/xsa/advisory-433.html(af854a3a-2127-422b-91ae-364da2661108)
https://cmpxchg8b.com/zenbleed.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20240531-0004/(af854a3a-2127-422b-91ae-364da2661108)
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5459(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5461(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5462(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.