cbcvebase.
CVE-2023-20592
published 2023-11-14

CVE-2023-20592: Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back…

medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
amd1st_gen_amd_epyc_processors
amd2nd_gen_amd_epyc_processors
amd3rd_gen_amd_epyc_processors
amdepyc_7203_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7203p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_72f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7303_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7303p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7313_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7313p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7343_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7373x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_73f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7413_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7443_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7443p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7453_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7473x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_74f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7513_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7543_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7543p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7573x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_75f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7643_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
osv6.5MEDIUM