Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2023-20569

Disclosure Date: August 08, 2023 •

CVE-2023-20569 CVSS v3 Base Score: 4.7

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

4.7 Medium

Impact Score:

3.6

Exploitability Score:

Vector:

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector (AV):

Local

Attack Complexity (AC):

High

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

None

Availability (A):

None

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

Ryzen™ 3000 Series Desktop Processors not down converted

Ryzen™ PRO 3000 Series Desktop Processors not down converted

Ryzen™ 3000 Series Desktop Processors with Radeon™ Graphics not down converted

Ryzen™ PRO 3000 Series Processors with Radeon™ Vega Graphics not down converted

Athlon™ 3000 Series Processors with Radeon™ Graphics not down converted

Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics not down converted

Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics not down converted

Ryzen™ PRO 4000 Series Desktop Processors not down converted

Ryzen™ 5000 Series Desktop Processors not down converted

Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics not down converted

Ryzen™ Threadripper™ 2000 Series Processors not down converted

Ryzen™ Threadripper™ 5000 Series Processors not down converted

Ryzen™ Threadripper™ 3000 Series Processors not down converted

Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics not down converted

Ryzen™ 5000 Series Processors with Radeon™ Graphics not down converted

Ryzen™ PRO 5000 Series Processors not down converted

Ryzen™ 6000 Series Processors with Radeon™ Graphics not down converted

Ryzen™ PRO 6000 Series Processors not down converted

Ryzen™ 7040 Series Processors with Radeon™ Graphics not down converted

Ryzen™ 7000 Series Processors not down converted

Ryzen™ 7000 Series Processors with Radeon™ Graphics not down converted

2nd Gen AMD EPYC™ Processors not down converted

3rd Gen AMD EPYC™ Processors not down converted

4th Gen AMD EPYC™ Processors not down converted

Ryzen™ PRO 5000 Series Desktop Processors not down converted

1st Gen AMD EPYC™ Processors not down converted

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

amd,
debian,
fedoraproject,
microsoft

Products

debian linux 10.0,
debian linux 11.0,
debian linux 12.0,
epyc 72f3 firmware,
epyc 7313 firmware,
epyc 7313p firmware,
epyc 7343 firmware,
epyc 7373x firmware,
epyc 73f3 firmware,
epyc 7413 firmware,
epyc 7443 firmware,
epyc 7443p firmware,
epyc 7453 firmware,
epyc 7473x firmware,
epyc 74f3 firmware,
epyc 7513 firmware,
epyc 7543 firmware,
epyc 7543p firmware,
epyc 7573x firmware,
epyc 75f3 firmware,
epyc 7643 firmware,
epyc 7663 firmware,
epyc 7713 firmware,
epyc 7713p firmware,
epyc 7763 firmware,
epyc 7773x firmware,
epyc 9124 firmware,
epyc 9174f firmware,
epyc 9184x firmware,
epyc 9224 firmware,
epyc 9254 firmware,
epyc 9274f firmware,
epyc 9334 firmware,
epyc 9354 firmware,
epyc 9354p firmware,
epyc 9374f firmware,
epyc 9384x firmware,
epyc 9454 firmware,
epyc 9454p firmware,
epyc 9474f firmware,
epyc 9534 firmware,
epyc 9554 firmware,
epyc 9554p firmware,
epyc 9634 firmware,
epyc 9654 firmware,
epyc 9654p firmware,
epyc 9684x firmware,
epyc 9734 firmware,
epyc 9754 firmware,
epyc 9754s firmware,
fedora 37,
fedora 38,
ryzen 3 5100 firmware,
ryzen 3 5125c firmware,
ryzen 3 5300g firmware,
ryzen 3 5300ge firmware,
ryzen 3 5300u firmware,
ryzen 3 5400u firmware,
ryzen 3 5425u firmware,
ryzen 3 7335u firmware,
ryzen 3 7440u firmware,
ryzen 3 pro 7330u firmware,
ryzen 5 5500 firmware,
ryzen 5 5500u firmware,
ryzen 5 5560u firmware,
ryzen 5 5600 firmware,
ryzen 5 5600g firmware,
ryzen 5 5600ge firmware,
ryzen 5 5600h firmware,
ryzen 5 5600hs firmware,
ryzen 5 5600u firmware,
ryzen 5 5600x firmware,
ryzen 5 5600x3d firmware,
ryzen 5 5625u firmware,
ryzen 5 6600h firmware,
ryzen 5 6600hs firmware,
ryzen 5 6600u firmware,
ryzen 5 7500f firmware,
ryzen 5 7535hs firmware,
ryzen 5 7535u firmware,
ryzen 5 7540u firmware,
ryzen 5 7600 firmware,
ryzen 5 7600x firmware,
ryzen 5 7640h firmware,
ryzen 5 7640u firmware,
ryzen 5 7645hx firmware,
ryzen 5 pro 5645 firmware,
ryzen 5 pro 7530u firmware,
ryzen 5 pro 7640hs firmware,
ryzen 5 pro 7645 firmware,
ryzen 7 5700 firmware,
ryzen 7 5700g firmware,
ryzen 7 5700ge firmware,
ryzen 7 5700u firmware,
ryzen 7 5700x firmware,
ryzen 7 5800 firmware,
ryzen 7 5800h firmware,
ryzen 7 5800hs firmware,
ryzen 7 5800u firmware,
ryzen 7 5800x firmware,
ryzen 7 5800x3d firmware,
ryzen 7 5825u firmware,
ryzen 7 6800h firmware,
ryzen 7 6800hs firmware,
ryzen 7 6800u firmware,
ryzen 7 7700 firmware,
ryzen 7 7700x firmware,
ryzen 7 7735hs firmware,
ryzen 7 7735u firmware,
ryzen 7 7736u firmware,
ryzen 7 7745hx firmware,
ryzen 7 7800x3d firmware,
ryzen 7 7840h firmware,
ryzen 7 7840u firmware,
ryzen 7 pro 5845 firmware,
ryzen 7 pro 7730u firmware,
ryzen 7 pro 7745 firmware,
ryzen 7 pro 7840hs firmware,
ryzen 9 5900 firmware,
ryzen 9 5900hs firmware,
ryzen 9 5900hx firmware,
ryzen 9 5900x firmware,
ryzen 9 5950x firmware,
ryzen 9 5980hs firmware,
ryzen 9 5980hx firmware,
ryzen 9 6900hs firmware,
ryzen 9 6900hx firmware,
ryzen 9 6980hs firmware,
ryzen 9 6980hx firmware,
ryzen 9 7845hx firmware,
ryzen 9 7900 firmware,
ryzen 9 7900x firmware,
ryzen 9 7900x3d firmware,
ryzen 9 7940h firmware,
ryzen 9 7945hx firmware,
ryzen 9 7945hx3d firmware,
ryzen 9 7950x firmware,
ryzen 9 7950x3d firmware,
ryzen 9 pro 5945 firmware,
ryzen 9 pro 7640hs firmware,
ryzen 9 pro 7945 firmware,
ryzen threadripper pro 5945wx firmware,
ryzen threadripper pro 5955wx firmware,
ryzen threadripper pro 5965wx firmware,
ryzen threadripper pro 5975wx firmware,
ryzen threadripper pro 5995wx firmware,
windows 10 1507,
windows 10 1607,
windows 10 1809,
windows 10 21h2,
windows 10 22h2,
windows 11 21h2,
windows 11 22h2,
windows server 2008 -,
windows server 2008 r2,
windows server 2012 -,
windows server 2012 r2,
windows server 2016,
windows server 2019,
windows server 2022

References

Canonical

CVE-2023-20569 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569)

Miscellaneous

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005

http://xenbits.xen.org/xsa/advisory-434.html

http://www.openwall.com/lists/oss-security/2023/08/08/4

https://comsec.ethz.ch/research/microarch/inception/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/

https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html

https://www.debian.org/security/2023/dsa-5475

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/

https://security.netapp.com/advisory/ntap-20240605-0006/

Rapid7

Unknown

CVE-2023-20569

Unknown

Unknown

None

Low

Local

CVE-2023-20569

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2023-20569

Unknown

Unknown

None

Low

Local

CVE-2023-20569

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification