CVE-2023-20593

5.5MEDIUM

Key Information

Vendor
Amd
Status
Ryzen™ 3000 Series Desktop Processors “matisse” Am4
Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics “renoir” Am4
3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt
Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3
Vendor
CVE Published:
24 July 2023

Badges

👾 Exploit Exists🔴 Public PoC📰 News Worthy

Summary

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

Affected Version(s)

Ryzen™ 3000 Series Desktop Processors “Matisse” AM4 <= various

AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4 <= various

3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT <= various

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

stop-zenbleed-win
Created by sbaresearch

News Articles

favicon imageSUSE

Security update for the Linux Kernel | SUSE Support

Announcement of Security update for the Linux Kernel. Maximize the value of open source with SUSE solution, backed by SUSE Support.

6 months ago

favicon imageSUSE

Security update for the Linux Kernel | SUSE Support

Announcement of Security update for the Linux Kernel. Maximize the value of open source with SUSE solution, backed by SUSE Support.

6 months ago

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit exists.

  • First article discovered by SUSE

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)2 News Article(s)
.