Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2023-20569
HistoryAug 08, 2023 - 6:15 p.m.

CVE-2023-20569

2023-08-0818:15:11
Debian Security Bug Tracker
security-tracker.debian.org
37
amd cpus side channel
information disclosure
speculative execution
return address prediction
unix

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

26.1%

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlledโ€ฏaddress, potentially leading to information disclosure.

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

26.1%