CVE-2023-20519
3.3LOW
Key Information
- Vendor
- Amd
- Status
- 3rd Gen Amd Epyc™ Processors
- 4th Gen Amd Epyc™ Processors
- Vendor
- CVE Published:
- 14 November 2023
Summary
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.
Affected Version(s)
3rd Gen AMD EPYC™ Processors = various
4th Gen AMD EPYC™ Processors = various
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database