CVE-2022-23823

CWE-203 CWE-12404 documents4 sources

Severity

6.5MEDIUM

EPSS

0.8%

top 25.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AMD AMD Processors

Timeline

PublishedJun 15

Latest updateJun 16

Description

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶CVEListV5amd/amd_processorsProcessor various

🔴Vulnerability Details

GHSA

GHSA-8qmc-xr4h-98gp: A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially↗2022-06-16

▶

CVEList

CVE-2022-23823: A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially↗2022-06-15

▶

📋Vendor Advisories

Red Hat

hw: cpu: cryptographic leaks via frequency scaling attacks(AMD)↗2022-06-14

▶