CVE-2023-20593

🗓️ 24 Jul 2023 19:38:43Reported by AMDType

Zen 2" CPUs vulnerability allows attacker data acces

Reporter	Title	Published	Views	Family All 615
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GNU Binutils, Bootstrap, PortSmash, Node.js, and libarchive might affect IBM Storage Defender – Data Protect.	18 Oct 202401:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple OS level vulnerabilities	26 Mar 202504:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities	29 Apr 202502:34	–	ibm
IBM Security Bulletins	Security Bulletin: TSSC/IMC is vulnerable to aritrary code execution due to Linux Kernel	8 Jul 202417:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	16 Nov 202318:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Verify Governance - Identity Manager virtual appliance has multiple vulnerabilities	15 Apr 202502:29	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps	25 Oct 202320:24	–	ibm
Tenable Nessus	Amazon Linux 2023 : iwl100-firmware, iwl105-firmware, iwl135-firmware (ALAS2023-2023-284)	14 Aug 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-285)	14 Aug 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : linux-firmware (ALAS-2023-2190)	14 Aug 202300:00	–	nessus

[
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Desktop Processors “Matisse” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Lucienne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 4000 Series Mobile processors with Radeon™ Graphics “Renoir”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 7020 Series processors “Mendocino” FT6",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "packageName": "µcode / AGESA™ firmware",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen AMD EPYC™ Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

Source	Link
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/
openwall	www.openwall.com/lists/oss-security/2023/07/24/3
openwall	www.openwall.com/lists/oss-security/2023/08/08/8
openwall	www.openwall.com/lists/oss-security/2023/07/25/16
openwall	www.openwall.com/lists/oss-security/2023/07/25/12
debian	www.debian.org/security/2023/dsa-5459
cmpxchg8b	www.cmpxchg8b.com/zenbleed.html
openwall	www.openwall.com/lists/oss-security/2023/07/25/6
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/
openwall	www.openwall.com/lists/oss-security/2023/07/26/1

10 Jun 2024 17:12Current

6.9Medium risk

Vulners AI Score6.9

EPSS0.05794