cbcvebase.
CVE-2023-31346
published 2024-02-13

CVE-2023-31346: Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

medium6CVSS 3.1
AVLACLPRHUINSCCHINAN
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

Affected

64 ranges· showing 25
VendorProductVersion rangeFixed in
amd3rd_gen_amd_epyc_processors
amd4th_gen_amd_epyc_processors
amdepyc_7203_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7203p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_72f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7303_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7303p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7313_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7313p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7343_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7373x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_73f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7413_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7443_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7443p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7453_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7473x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_74f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7513_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7543_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7543p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7573x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_75f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7643_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7643p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c

CVSS provenance

nvdv3.16.0MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
osv6.0MEDIUM