Denial of Service Vulnerability in AMD's Input-Output Memory Management Unit
CVE-2023-31364

8.3HIGH

Key Information:

Vendor: Amd
Status: Amd Epyc™ 7001 Series Processors; Amd Epyc™ 7002 Series Processors; Amd Epyc™ 7003 Series Processors; Amd Epyc™ 8004 Series Processors
Vendor: CVE Published:; 26 February 2026

What is CVE-2023-31364?

A vulnerability in AMD's input-output memory management unit allows an attacker to exploit improper handling of direct memory writes. A malicious guest virtual machine could overwhelm the host with excessive memory write requests, potentially leading to a fatal machine check error. This situation can result in denial of service, impacting the availability of the system. Organizations using affected AMD processors should consider implementing mitigations to safeguard against this risk.

Affected Version(s)

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics No Fix Planned

AMD EPYC™ 7001 Series Processors NaplesPI 1.0.0.R

AMD EPYC™ 7002 Series Processors RomePI 1.0.0.N

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

8.3

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 26, 2026
Vulnerability Reserved
Apr 27, 2023

CVE-2023-31364 Data

JSON

Amd

What is CVE-2023-31364?

Affected Version(s)

References

CVSS V4

Timeline