Description
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6Attack Vector: Local
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Affected Packages11 packages
Also affects: Debian Linux 10.0, 11.0, 12.0
🔴Vulnerability Details
17OSVlinux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities↗2023-12-05 OSVlinux-bluefield vulnerabilities↗2023-09-26 OSVlinux-ibm, linux-ibm-5.4 vulnerabilities↗2023-09-11 OSVlinux-azure, linux-azure-4.15 vulnerabilities↗2023-09-08 OSVlinux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities↗2023-09-06 📋Vendor Advisories
24UbuntuLinux kernel vulnerabilities↗2023-12-05 ChromeLong Term Support Channel Update for ChromeOS: CVE-2023-20593↗2023-10-06 UbuntuLinux kernel (BlueField) vulnerabilities↗2023-09-26 UbuntuLinux kernel (OEM) vulnerabilities↗2023-09-19 UbuntuLinux kernel (IBM) vulnerabilities↗2023-09-11 🕵️Threat Intelligence
2WizZenbleed: cross-process infoleak vulnerability in AMD Zen 2 Processors - everything you need to know | Wiz Blog↗2023-07-26 WizZenbleed: cross-process infoleak vulnerability in AMD Zen 2 Processors - everything you need to know | Wiz Blog↗2023-07-26 💬Community
1BugzillaCVE-2023-20593 hw: amd: Cross-Process Information Leak↗2023-06-27