Published: 14/11/2023 Updated: 28/11/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.

Vulnerable Product	Search on Vulmon	Subscribe to Product
amd epyc_7001_firmware -
amd epyc_7251_firmware -
amd epyc_7261_firmware -
amd epyc_7281_firmware -
amd epyc_7301_firmware -
amd epyc_7351_firmware -
amd epyc_7351p_firmware -
amd epyc_7371_firmware -
amd epyc_7401_firmware -
amd epyc_7401p_firmware -
amd epyc_7451_firmware -
amd epyc_7501_firmware -
amd epyc_7551_firmware -
amd epyc_7551p_firmware -
amd epyc_7601_firmware -
amd epyc_7232p_firmware -
amd epyc_7252_firmware -
amd epyc_7262_firmware -
amd epyc_7272_firmware -
amd epyc_7282_firmware -
amd epyc_7302_firmware -
amd epyc_7302p_firmware -
amd epyc_7352_firmware -
amd epyc_7402_firmware -
amd epyc_7402p_firmware -
amd epyc_7452_firmware -
amd epyc_7502_firmware -
amd epyc_7502p_firmware -
amd epyc_7532_firmware -
amd epyc_7542_firmware -
amd epyc_7552_firmware -
amd epyc_7642_firmware -
amd epyc_7662_firmware -
amd epyc_7702_firmware -
amd epyc_7702p_firmware -
amd epyc_7742_firmware -
amd epyc_7f32_firmware -
amd epyc_7f52_firmware -
amd epyc_7f72_firmware -
amd epyc_7h12_firmware -
amd epyc_7763_firmware
amd epyc_7713p_firmware
amd epyc_7713_firmware
amd epyc_7663p_firmware
amd epyc_7663_firmware
amd epyc_7643p_firmware
amd epyc_7773x_firmware
amd epyc_7643_firmware
amd epyc_7573x_firmware
amd epyc_75f3_firmware
amd epyc_7543p_firmware
amd epyc_7543_firmware
amd epyc_7513_firmware
amd epyc_7473x_firmware
amd epyc_7453_firmware
amd epyc_74f3_firmware
amd epyc_7443p_firmware
amd epyc_7443_firmware
amd epyc_7413_firmware
amd epyc_7373x_firmware
amd epyc_73f3_firmware
amd epyc_7343_firmware
amd epyc_7313p_firmware
amd epyc_7313_firmware
amd epyc_7303p_firmware
amd epyc_7303_firmware
amd epyc_72f3_firmware
amd epyc_7203p_firmware
amd epyc_7203_firmware

Synopsis Moderate: linux-firmware security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for linux-firmware is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update ...

DescriptionA flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine (VM) memory integrityA flaw was found in some of AMD CPU's due to improp ...

Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 2024)

CacheWarp This repository contains the experiments of evaluation and case studies discussed in the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security'24) You can find the paper at the USENIX website For the demos, please check our website Overview We introduce a new software-based fault injection attack on AMD SEV

NVD-CWE-noinfo https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3005 https://access.redhat.com/errata/RHSA-2024:0753 https://nvd.nist.gov https://github.com/cispa/CacheWarp https://access.redhat.com/security/cve/cve-2023-20592

CVE-2023-20592

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect