4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:S/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
**Bulletin ID:**AMD-SB-7006 **Potential Impact:**Information disclosure **Severity:**Low
A potential leakage of data using software-based power side channels on AMD CPUs was reported to AMD. This issue has also been referred to as ‘Collide + Power’.
Refer to Glossary for explanation of terms
CVE | Severity | CVE Description |
---|---|---|
CVE-2023-20583 | Low | A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. |
Based on the complex nature of the attack, AMD believes that it is difficult to execute the attack/exploit of this vulnerability in the real-world or outside of a controlled/lab-type environment.
Some mitigations that may be available currently include the performance determinism mode and the core boost disable bit. AMD EPYC™server processors contain a performance determinism mode which can be used to reduce this type of leakage. AMD Ryzen™ client processors support a core boost disable bit that can help reduce the changes in frequency.
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:S/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%