cbcvebase.
CVE-2023-31347
published 2024-02-13

CVE-2023-31347: Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is…

medium4.9CVSS 3.1
AVNACLPRHUINSUCNIHAN
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.

Affected

63 ranges· showing 25
VendorProductVersion rangeFixed in
amd3rd_gen_amd_epyc_processors
amd4th_gen_amd_epyc_processors
amdepyc_7203_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7203p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_72f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7303_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7303p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7313_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7313p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7343_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7373x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_73f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7413_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7443_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7443p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7453_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7473x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_74f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7513_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7543_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7543p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7573x_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_75f3_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7643_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c
amdepyc_7643p_firmware< milanpi_1.0.0.cmilanpi_1.0.0.c

CVSS provenance

nvdv3.14.9MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
osv4.9MEDIUM