Lucene search

Redhat.comRH:CVE-2023-20573

HistoryJan 11, 2024 - 6:30 p.m.

CVE-2023-20573

2024-01-1118:30:51

redhat.com

access.redhat.com

cve-2023-20573

secure encrypted virtualization

debug exceptions

privileged attacker

guests

CVSS3

3.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

AI Score

3.7

Confidence

High

EPSS

Percentile

9.0%

JSON

A flaw was found in AMD hardware using the Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) feature. This issue may allow a privileged attacker to prevent the delivery of debug exceptions to SEV-SNP guests, potentially resulting in guests not receiving expected debug information.

References

bugzilla.redhat.com/show_bug.cgi?id=2253702

nvd.nist.gov/vuln/detail/CVE-2023-20573

www.amd.com/en/resources/product-security/bulletin/amd-sb-3006.html

www.cve.org/CVERecord?id=CVE-2023-20573

CVSS3

3.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

AI Score

3.7

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for RH:CVE-2023-20573