CVE-2023-20519
published 2023-11-14CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent…
low3.3CVSS 3.1
AVLACLPRLUINSUCNILAN
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | 3rd_gen_amd_epyc_processors | — | — |
| amd | 4th_gen_amd_epyc_processors | — | — |
| amd | genoapi_firmware | < 1.0.0.3 | 1.0.0.3 |
| amd | milanpi_firmware | < 1.0.0.a | 1.0.0.a |