Virtual Machine (VM) Integrity Bypass through IOMMU Misconfiguration
CVE-2023-20584
5.3MEDIUM
Key Information
- Vendor
- Amd
- Status
- Amd Epyc™ 7003 Processors
- Amd Epyc™ 9004 Processors
- Vendor
- CVE Published:
- 13 August 2024
Summary
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
Affected Version(s)
AMD EPYC™ 7003 Processors <= MilanPI 1.0.0.C
AMD EPYC™ 9004 Processors <= GenoaPI 1.0.0.B
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database