Speculative Leaks
CVE-2023-20588

5.5MEDIUM

Key Information:

Vendor
Amd
Status
Epyc™ 7001 Processors
Athlon™ 3000 Series Processors With Radeon™ Graphics
Ryzen™ 3000 Series Processors With Radeon™ Graphics
Athlon™ Pro 3000 Series Processors With Radeon™ Vega Graphics
Vendor
CVE Published:
8 August 2023

Badges

📰 News Worthy

Summary

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 

Affected Version(s)

Athlon™ 3000 Series Processors with Radeon™ Graphics x86 various

Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics x86 Various

EPYC™ 7001 Processors x86 various

News Articles

favicon imageDark Reading

Microsoft Gives Admins a Reprieve With Lighter-Than-Usual Patch Update

The company's final patch release for 2023 contained fixes for a total of just 36 vulnerabilities — none of which, for a change, were zero-days.

1 year ago

References

https://www.amd.com/en/corporate/product-security/bulleti...
vendor-advisory
https://www.debian.org/security/2023/dsa-5480
https://www.debian.org/security/2023/dsa-5492

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by Dark Reading

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseAmd Feed1 News Article(s)
.