Bulletin ID: AMD-SB-3007 **Potential Impact:**Data leakage (CVE-2023-31346) and loss of integrity (CVE-2023-31347) **Severity:**Refer to the CVE Details section
This bulletin addresses two SEV firmware vulnerabilities reported by an external researcher. Refer to the CVE Details section below.
Refer to Glossary for explanation of terms
CVE | Severity | CVE Description |
---|---|---|
CVE-2023-31346 | Medium | Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests. |
CVE-2023-31347 | Low | Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity. |
AMD is releasing SEV firmware and Platform Initialization (PI) updates to help mitigate these potential vulnerabilities.
3rd Gen AMD EPYCโข Processors formerly codenamed โMilan"
AMD recommends updating to the Platform Initialization (PI) firmware version indicated below.
For both CVEs, there is an alternative mitigation option provided as Mitigation Option 2, including a SEV firmware patch.
CPUIDs|Mitigation Option 1|Mitigation Option 2
|TCB Values for SNP Attestation
โ|โ|โ|โ
0x00A00F11
0x00A00F12|PlatformInitialization (PI)(Requires FW flash)|ฮผcode**(Hot loadable)|SEV FW**(Hot loadable)| TCB[SNP] >= 0x14 Minimum firmware versions to mitigate all listed CVEs| MilanPI
1.0.0.C
(2023-12-18)
CVE-2023-31346| Medium| MilanPI
1.0.0.C
(2023-12-18)| N/A| 1.37.10| TCB[SNP] >= 0x14
CVE-2023-31347| Low| MilanPI
1.0.0.C
(2023-12-18)| N/A| 1.37.10
4th Gen AMD EPYCโข Processors formerly codenamed โGenoaโ
AMD recommends updating to the Platform Initialization (PI) firmware version indicated below.
For both CVEs, there is an alternative mitigation option provided as Mitigation Option 2, including a SEV firmware patch.
CPUIDs|Mitigation Option 1|Mitigation Option 2
|TCB Values for SNP Attestation
โ|โ|โ|โ
0x00A10F11
0x00A10F12
0x00AA0F0|PlatformInitialization (PI)(Requires FW flash)|ฮผcode**(Hot loadable)|SEV FW**(Hot loadable)| TCB[SNP] >= 0x12 Minimum firmware versions to mitigate all listed CVEs| GenoaPI
1.0.0.B
(2023-12-15)
CVE-2023-31346| Medium| GenoaPI
1.0.0.B
(202312-15)| N/A| 1.37.1E| TCB[SNP] >= 0x12
CVE-2023-31347| Low| GenoaPI
1.0.0.B
(202312-15)| N/A| 1.37.1E