CVE-2022-23830

1.9LOW

Key Information:

Vendor
Amd
Status
3rd Gen Amd Epyc™ Processors
4th Gen Amd Epy™ Processors
Amd Epyc™ Embedded 7003
Vendor
CVE Published:
14 November 2023

Summary

SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.

Affected Version(s)

3rd Gen AMD EPYC™ Processors x86 various

4th Gen AMD EPY™ Processors x86 various

AMD EPYC™ Embedded 7003 various

References

https://www.amd.com/en/corporate/product-security/bulleti...
vendor-advisory
https://www.amd.com/en/corporate/product-security/bulleti...
vendor-advisory

CVSS V3.1

Score:
1.9
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.