CVE-2023-20584

8 documents, 7 sources
Severity: 6.0 MEDIUM
EPSS: 0.0% (top 96.59%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Aug 13
Latest update: Jun 9

Description

IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N
Exploitability: 0.8 | Impact: 4.0

Affected Packages (67 packages)

NVD: amd/epyc_7203_firmware < milanpi_1.0.0.b
NVD: amd/epyc_72f3_firmware < milanpi_1.0.0.b
NVD: amd/epyc_7303_firmware < milanpi_1.0.0.b
NVD: amd/epyc_7313_firmware < milanpi_1.0.0.b
NVD: amd/epyc_7343_firmware < milanpi_1.0.0.b

🔴 Vulnerability Details (4)

OSV: amd64-microcode vulnerabilities (2025-06-09)
CVEList: CVE-2023-20584: IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a co (2024-08-13)
GHSA: GHSA-7cfh-j5pv-fw3c: IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a co (2024-08-13)
OSV: CVE-2023-20584: IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a co (2024-08-13)

📋 Vendor Advisories (3)

Ubuntu: AMD Microcode vulnerabilities (2025-06-09)
Red Hat: kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity (2024-08-13)
Debian: CVE-2023-20584: amd64-microcode - IOMMU improperly handles certain special address ranges with invalid device tabl... (2023)