IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
History

Thu, 12 Dec 2024 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd epyc 7203
Amd epyc 7203 Firmware
Amd epyc 7203p
Amd epyc 7203p Firmware
Amd epyc 72f3
Amd epyc 72f3 Firmware
Amd epyc 7303
Amd epyc 7303 Firmware
Amd epyc 7303p
Amd epyc 7303p Firmware
Amd epyc 7313
Amd epyc 7313 Firmware
Amd epyc 7313p
Amd epyc 7313p Firmware
Amd epyc 7343
Amd epyc 7343 Firmware
Amd epyc 7373x
Amd epyc 7373x Firmware
Amd epyc 73f3
Amd epyc 73f3 Firmware
Amd epyc 7413
Amd epyc 7413 Firmware
Amd epyc 7443
Amd epyc 7443 Firmware
Amd epyc 7443p
Amd epyc 7443p Firmware
Amd epyc 7453
Amd epyc 7453 Firmware
Amd epyc 7473x
Amd epyc 7473x Firmware
Amd epyc 74f3
Amd epyc 74f3 Firmware
Amd epyc 7513
Amd epyc 7513 Firmware
Amd epyc 7543
Amd epyc 7543 Firmware
Amd epyc 7543p
Amd epyc 7543p Firmware
Amd epyc 7573x
Amd epyc 7573x Firmware
Amd epyc 75f3
Amd epyc 75f3 Firmware
Amd epyc 7643
Amd epyc 7643 Firmware
Amd epyc 7643p
Amd epyc 7643p Firmware
Amd epyc 7663
Amd epyc 7663 Firmware
Amd epyc 7663p
Amd epyc 7663p Firmware
Amd epyc 7713
Amd epyc 7713 Firmware
Amd epyc 7713p
Amd epyc 7713p Firmware
Amd epyc 7763
Amd epyc 7763 Firmware
Amd epyc 7773x
Amd epyc 7773x Firmware
Amd epyc 8024p
Amd epyc 8024p Firmware
Amd epyc 8024pn
Amd epyc 8024pn Firmware
Amd epyc 8124p
Amd epyc 8124p Firmware
Amd epyc 8124pn
Amd epyc 8124pn Firmware
Amd epyc 8224p
Amd epyc 8224p Firmware
Amd epyc 8224pn
Amd epyc 8224pn Firmware
Amd epyc 8324p
Amd epyc 8324p Firmware
Amd epyc 8324pn
Amd epyc 8324pn Firmware
Amd epyc 8434p
Amd epyc 8434p Firmware
Amd epyc 8434pn
Amd epyc 8434pn Firmware
Amd epyc 8534p
Amd epyc 8534p Firmware
Amd epyc 8534pn
Amd epyc 8534pn Firmware
Amd epyc 9124
Amd epyc 9124 Firmware
Amd epyc 9174f
Amd epyc 9174f Firmware
Amd epyc 9184x
Amd epyc 9184x Firmware
Amd epyc 9224
Amd epyc 9224 Firmware
Amd epyc 9254
Amd epyc 9254 Firmware
Amd epyc 9274f
Amd epyc 9274f Firmware
Amd epyc 9334
Amd epyc 9334 Firmware
Amd epyc 9354
Amd epyc 9354 Firmware
Amd epyc 9354p
Amd epyc 9354p Firmware
Amd epyc 9374f
Amd epyc 9374f Firmware
Amd epyc 9384x
Amd epyc 9384x Firmware
Amd epyc 9454
Amd epyc 9454 Firmware
Amd epyc 9454p
Amd epyc 9454p Firmware
Amd epyc 9474f
Amd epyc 9474f Firmware
Amd epyc 9534
Amd epyc 9534 Firmware
Amd epyc 9554
Amd epyc 9554 Firmware
Amd epyc 9554p
Amd epyc 9554p Firmware
Amd epyc 9634
Amd epyc 9634 Firmware
Amd epyc 9654
Amd epyc 9654 Firmware
Amd epyc 9654p
Amd epyc 9654p Firmware
Amd epyc 9684x
Amd epyc 9684x Firmware
Amd epyc 9734
Amd epyc 9734 Firmware
Amd epyc 9754
Amd epyc 9754 Firmware
Amd epyc 9754s
Amd epyc 9754s Firmware
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:h:amd:epyc_7203:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7203p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7303:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7303p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7643p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7663p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8024p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8024pn:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8124p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8124pn:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8224p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8224pn:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8324p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8324pn:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8434p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8434pn:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8534p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_8534pn:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9124:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9174f:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9184x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9224:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9254:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9274f:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9334:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9354:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9354p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9374f:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9384x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9454:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9454p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9474f:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9534:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9554:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9554p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9634:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9654:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9654p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9684x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9734:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9754:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_9754s:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7203_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7203p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7303_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7303p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7643p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7663p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8024p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8024pn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8124p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8124pn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8224p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8224pn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8324p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8324pn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8434p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8434pn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8534p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_8534pn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9124_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9174f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9184x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9254_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9274f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9334_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9354_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9354p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9374f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9384x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9454_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9454p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9474f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9534_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9554_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9554p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9634_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9654_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9654p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9684x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9734_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_9754s_firmware:*:*:*:*:*:*:*:*
Vendors & Products Amd
Amd epyc 7203
Amd epyc 7203 Firmware
Amd epyc 7203p
Amd epyc 7203p Firmware
Amd epyc 72f3
Amd epyc 72f3 Firmware
Amd epyc 7303
Amd epyc 7303 Firmware
Amd epyc 7303p
Amd epyc 7303p Firmware
Amd epyc 7313
Amd epyc 7313 Firmware
Amd epyc 7313p
Amd epyc 7313p Firmware
Amd epyc 7343
Amd epyc 7343 Firmware
Amd epyc 7373x
Amd epyc 7373x Firmware
Amd epyc 73f3
Amd epyc 73f3 Firmware
Amd epyc 7413
Amd epyc 7413 Firmware
Amd epyc 7443
Amd epyc 7443 Firmware
Amd epyc 7443p
Amd epyc 7443p Firmware
Amd epyc 7453
Amd epyc 7453 Firmware
Amd epyc 7473x
Amd epyc 7473x Firmware
Amd epyc 74f3
Amd epyc 74f3 Firmware
Amd epyc 7513
Amd epyc 7513 Firmware
Amd epyc 7543
Amd epyc 7543 Firmware
Amd epyc 7543p
Amd epyc 7543p Firmware
Amd epyc 7573x
Amd epyc 7573x Firmware
Amd epyc 75f3
Amd epyc 75f3 Firmware
Amd epyc 7643
Amd epyc 7643 Firmware
Amd epyc 7643p
Amd epyc 7643p Firmware
Amd epyc 7663
Amd epyc 7663 Firmware
Amd epyc 7663p
Amd epyc 7663p Firmware
Amd epyc 7713
Amd epyc 7713 Firmware
Amd epyc 7713p
Amd epyc 7713p Firmware
Amd epyc 7763
Amd epyc 7763 Firmware
Amd epyc 7773x
Amd epyc 7773x Firmware
Amd epyc 8024p
Amd epyc 8024p Firmware
Amd epyc 8024pn
Amd epyc 8024pn Firmware
Amd epyc 8124p
Amd epyc 8124p Firmware
Amd epyc 8124pn
Amd epyc 8124pn Firmware
Amd epyc 8224p
Amd epyc 8224p Firmware
Amd epyc 8224pn
Amd epyc 8224pn Firmware
Amd epyc 8324p
Amd epyc 8324p Firmware
Amd epyc 8324pn
Amd epyc 8324pn Firmware
Amd epyc 8434p
Amd epyc 8434p Firmware
Amd epyc 8434pn
Amd epyc 8434pn Firmware
Amd epyc 8534p
Amd epyc 8534p Firmware
Amd epyc 8534pn
Amd epyc 8534pn Firmware
Amd epyc 9124
Amd epyc 9124 Firmware
Amd epyc 9174f
Amd epyc 9174f Firmware
Amd epyc 9184x
Amd epyc 9184x Firmware
Amd epyc 9224
Amd epyc 9224 Firmware
Amd epyc 9254
Amd epyc 9254 Firmware
Amd epyc 9274f
Amd epyc 9274f Firmware
Amd epyc 9334
Amd epyc 9334 Firmware
Amd epyc 9354
Amd epyc 9354 Firmware
Amd epyc 9354p
Amd epyc 9354p Firmware
Amd epyc 9374f
Amd epyc 9374f Firmware
Amd epyc 9384x
Amd epyc 9384x Firmware
Amd epyc 9454
Amd epyc 9454 Firmware
Amd epyc 9454p
Amd epyc 9454p Firmware
Amd epyc 9474f
Amd epyc 9474f Firmware
Amd epyc 9534
Amd epyc 9534 Firmware
Amd epyc 9554
Amd epyc 9554 Firmware
Amd epyc 9554p
Amd epyc 9554p Firmware
Amd epyc 9634
Amd epyc 9634 Firmware
Amd epyc 9654
Amd epyc 9654 Firmware
Amd epyc 9654p
Amd epyc 9654p Firmware
Amd epyc 9684x
Amd epyc 9684x Firmware
Amd epyc 9734
Amd epyc 9734 Firmware
Amd epyc 9754
Amd epyc 9754 Firmware
Amd epyc 9754s
Amd epyc 9754s Firmware

Wed, 02 Oct 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux
Redhat rhel Eus
CPEs cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
cpe:/o:redhat:rhel_eus:9.2
Vendors & Products Redhat enterprise Linux
Redhat rhel Eus

Tue, 01 Oct 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus
CPEs cpe:/o:redhat:rhel_aus:8.6
cpe:/o:redhat:rhel_e4s:8.6
cpe:/o:redhat:rhel_tus:8.6
Vendors & Products Redhat
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus

Fri, 16 Aug 2024 11:30:00 +0000

Type Values Removed Values Added
Title kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity
References
Metrics threat_severity

None

threat_severity

Moderate


Tue, 13 Aug 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 13 Aug 2024 17:00:00 +0000

Type Values Removed Values Added
Description IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2024-08-13T16:53:18.373Z

Updated: 2024-11-05T21:40:37.392Z

Reserved: 2022-10-27T18:53:39.759Z

Link: CVE-2023-20584

cve-icon Vulnrichment

Updated: 2024-08-13T17:32:43.152Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-13T17:15:19.713

Modified: 2024-12-12T20:29:14.730

Link: CVE-2023-20584

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-08-13T12:00:00Z

Links: CVE-2023-20584 - Bugzilla