CVE-2023-20593

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20593
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
http://seclists.org/fulldisclosure/2023/Jul/43 Not Applicable
http://www.openwall.com/lists/oss-security/2023/07/24/3 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/1 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/12 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/13 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/14 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/15 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/16 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/17 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/5 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/6 Mailing List
http://www.openwall.com/lists/oss-security/2023/07/26/1 Mailing List Mitigation Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/07/31/2 Mailing List Mitigation Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/08/08/6
http://www.openwall.com/lists/oss-security/2023/08/08/7
http://www.openwall.com/lists/oss-security/2023/08/08/8
http://www.openwall.com/lists/oss-security/2023/08/16/4
http://www.openwall.com/lists/oss-security/2023/08/16/5
http://www.openwall.com/lists/oss-security/2023/09/22/11
http://www.openwall.com/lists/oss-security/2023/09/22/9
http://www.openwall.com/lists/oss-security/2023/09/25/4
http://www.openwall.com/lists/oss-security/2023/09/25/7
http://xenbits.xen.org/xsa/advisory-433.html Mitigation Patch Vendor Advisory
https://cmpxchg8b.com/zenbleed.html Exploit
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html Mailing List
https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/
https://security.netapp.com/advisory/ntap-20240531-0004/
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008 Vendor Advisory
https://www.debian.org/security/2023/dsa-5459 Third Party Advisory
https://www.debian.org/security/2023/dsa-5461 Third Party Advisory
https://www.debian.org/security/2023/dsa-5462 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:xen:xen:4.14.0:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.15.0:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.16.0:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.17.0:*:*:*:*:*:x86:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_3100:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_3300x:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3500:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3500x:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3600:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3600x:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3600xt:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_3700x:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_3800x:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_3800xt:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3900:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3900x:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3900xt:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3950x:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:amd:ryzen_9_pro_3900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_pro_3900:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:h:amd:ryzen_threadripper_3990x:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:h:amd:ryzen_threadripper_3970x:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:h:amd:ryzen_threadripper_3960x:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:h:amd:ryzen_7_4700g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:h:amd:ryzen_7_4700ge:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:h:amd:ryzen_5_4600g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:h:amd:ryzen_5_4600ge:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:h:amd:ryzen_3_4300g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_4300ge:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:amd:ryzen_3_pro_4450u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4450u:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:amd:ryzen_3_pro_4350ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4350ge:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:amd:ryzen_3_pro_4350g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4350g:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:amd:ryzen_3_pro_4200g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4200g:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:amd:ryzen_5_pro_4650ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_4650ge:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:amd:ryzen_5_pro_4650g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_4650g:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:amd:ryzen_5_pro_4400g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_4400g:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:amd:ryzen_7_pro_4750u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_4750u:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:amd:ryzen_7_pro_4750ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_4750ge:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:amd:ryzen_7_pro_4750g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_4750g:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:amd:ryzen_7_5700u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_5700u:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:amd:ryzen_5_5500u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_5500u:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:amd:ryzen_3_5300u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_5300u:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:amd:ryzen_5_7520u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7520u:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:amd:ryzen_3_7320u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_7320u:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:amd:athlon_gold_7220u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:athlon_gold_7220u:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:amd:epyc_7232p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND
cpe:2.3:o:amd:epyc_7302p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*

Configuration 49 (hide)

AND
cpe:2.3:o:amd:epyc_7402p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND
cpe:2.3:o:amd:epyc_7502p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND
cpe:2.3:o:amd:epyc_7702p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND
cpe:2.3:o:amd:epyc_7252_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*

Configuration 53 (hide)

AND
cpe:2.3:o:amd:epyc_7262_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*

Configuration 54 (hide)

AND
cpe:2.3:o:amd:epyc_7272_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*

Configuration 55 (hide)

AND
cpe:2.3:o:amd:epyc_7282_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*

Configuration 56 (hide)

AND
cpe:2.3:o:amd:epyc_7302_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*

Configuration 57 (hide)

AND
cpe:2.3:o:amd:epyc_7352_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*

Configuration 58 (hide)

AND
cpe:2.3:o:amd:epyc_7402_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*

Configuration 59 (hide)

AND
cpe:2.3:o:amd:epyc_7452_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*

Configuration 60 (hide)

AND
cpe:2.3:o:amd:epyc_7502_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*

Configuration 61 (hide)

AND
cpe:2.3:o:amd:epyc_7532_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*

Configuration 62 (hide)

AND
cpe:2.3:o:amd:epyc_7542_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*

Configuration 63 (hide)

AND
cpe:2.3:o:amd:epyc_7552_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*

Configuration 64 (hide)

AND
cpe:2.3:o:amd:epyc_7642_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*

Configuration 65 (hide)

AND
cpe:2.3:o:amd:epyc_7662_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*

Configuration 66 (hide)

AND
cpe:2.3:o:amd:epyc_7702_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*

Configuration 67 (hide)

AND
cpe:2.3:o:amd:epyc_7742_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*

Configuration 68 (hide)

AND
cpe:2.3:o:amd:epyc_7h12_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7h12:-:*:*:*:*:*:*:*

Configuration 69 (hide)

AND
cpe:2.3:o:amd:epyc_7f32_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*

Configuration 70 (hide)

AND
cpe:2.3:o:amd:epyc_7f52_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*

Configuration 71 (hide)

AND
cpe:2.3:o:amd:epyc_7f72_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*
History

19 Nov 2024, 16:35

Type Values Removed Values Added
CWE CWE-209

10 Jun 2024, 18:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240531-0004/ -

21 Aug 2023, 03:15

Type Values Removed Values Added
References
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/ -

17 Aug 2023, 19:15

Type Values Removed Values Added
References
  • (MISC) http://www.openwall.com/lists/oss-security/2023/08/16/5 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/08/16/4 -

08 Aug 2023, 21:15

Type Values Removed Values Added
References
  • (MISC) http://www.openwall.com/lists/oss-security/2023/08/08/7 -
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/ -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/08/08/6 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/08/08/8 -

02 Aug 2023, 17:15

Type Values Removed Values Added
References
  • (MISC) https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html -

01 Aug 2023, 19:29

Type Values Removed Values Added
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/14 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/14 - Mailing List
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/1 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/1 - Mailing List
References (MISC) https://www.debian.org/security/2023/dsa-5459 - (MISC) https://www.debian.org/security/2023/dsa-5459 - Third Party Advisory
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/6 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/6 - Mailing List
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/13 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/13 - Mailing List
References (MISC) http://xenbits.xen.org/xsa/advisory-433.html - (MISC) http://xenbits.xen.org/xsa/advisory-433.html - Mitigation, Patch, Vendor Advisory
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/17 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/17 - Mailing List
References (MISC) https://www.debian.org/security/2023/dsa-5461 - (MISC) https://www.debian.org/security/2023/dsa-5461 - Third Party Advisory
References (MISC) https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html - (MISC) https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html - Mailing List, Third Party Advisory
References (MISC) https://www.debian.org/security/2023/dsa-5462 - (MISC) https://www.debian.org/security/2023/dsa-5462 - Third Party Advisory
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/16 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/16 - Mailing List
References (MISC) https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html - (MISC) https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html - Mailing List
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/12 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/12 - Mailing List
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/15 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/15 - Mailing List
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/5 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/5 - Mailing List
References (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 - (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 - Not Applicable
References (MISC) https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008 - (MISC) https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008 - Vendor Advisory
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/31/2 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/31/2 - Mailing List, Mitigation, Patch, Third Party Advisory
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/24/3 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/24/3 - Mailing List
References (MISC) http://www.openwall.com/lists/oss-security/2023/07/26/1 - (MISC) http://www.openwall.com/lists/oss-security/2023/07/26/1 - Mailing List, Mitigation, Patch, Third Party Advisory
References (MISC) https://cmpxchg8b.com/zenbleed.html - (MISC) https://cmpxchg8b.com/zenbleed.html - Exploit
CPE cpe:2.3:h:amd:ryzen_5_pro_4400g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_pro_4750g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_5500u:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7702p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_3800x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4350g:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4350ge:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7f52_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_4750ge:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_3800xt:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7272_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_5300u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_4600g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7252_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_3960x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7702_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7532_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_pro_4350g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7542_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_pro_4200g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7f32_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.15.0:*:*:*:*:*:x86:*
cpe:2.3:o:amd:ryzen_5_5500u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3500x:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_5700u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_4650ge:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7352_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7302_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_pro_4400g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_3100:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_pro_4750ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_4700g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7262_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7232p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3600xt:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3900xt:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_7520u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7302p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7282_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_pro_4650ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.17.0:*:*:*:*:*:x86:*
cpe:2.3:o:amd:ryzen_3_pro_4350ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_3700x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3600:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4200g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3500:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7452_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_4600ge:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_4750g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_pro_4750u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:athlon_gold_7220u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_3970x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_3600x:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_pro_4650g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7662_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_pro_4450u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_5300u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_7520u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_4700ge:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_4300g:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7742_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_3300x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7502_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_4300ge:-:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.16.0:*:*:*:*:*:x86:*
cpe:2.3:h:amd:ryzen_3_7320u:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7h12_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_3_pro_4450u:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7552_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_3_7320u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7h12:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_5700u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3900:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_5_pro_4650g:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_3990x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3900x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_pro_3900:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7502p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_7_pro_4750u:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7f72_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:ryzen_9_pro_3900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.14.0:*:*:*:*:*:x86:*
cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7402_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:h:amd:athlon_gold_7220u:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7402p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:epyc_7642_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:ryzen_9_3950x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

31 Jul 2023, 21:15

Type Values Removed Values Added
References
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/31/2 -

31 Jul 2023, 15:15

Type Values Removed Values Added
References
  • (MISC) https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html -

30 Jul 2023, 21:15

Type Values Removed Values Added
References
  • (MISC) https://www.debian.org/security/2023/dsa-5461 -
  • (MISC) https://www.debian.org/security/2023/dsa-5462 -

27 Jul 2023, 21:15

Type Values Removed Values Added
References
  • (MISC) https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html -

27 Jul 2023, 05:15

Type Values Removed Values Added
References
  • (MISC) https://www.debian.org/security/2023/dsa-5459 -

26 Jul 2023, 19:15

Type Values Removed Values Added
References
  • (MISC) http://xenbits.xen.org/xsa/advisory-433.html -

26 Jul 2023, 15:15

Type Values Removed Values Added
References
  • (MISC) https://cmpxchg8b.com/zenbleed.html -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/26/1 -

26 Jul 2023, 07:15

Type Values Removed Values Added
References
  • (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 -

25 Jul 2023, 21:15

Type Values Removed Values Added
References
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/17 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/14 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/16 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/13 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/12 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/15 -

25 Jul 2023, 13:01

Type Values Removed Values Added
References
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/6 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/1 -
  • (MISC) http://www.openwall.com/lists/oss-security/2023/07/25/5 -

24 Jul 2023, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-07-24 20:15

Updated : 2024-11-19 16:35

NVD link : CVE-2023-20593

Mitre link : CVE-2023-20593

CVE.ORG link : CVE-2023-20593

JSON object : View

Products Affected

amd

  • ryzen_3_4300g
  • epyc_7282
  • epyc_7532_firmware
  • ryzen_threadripper_pro_3955wx
  • epyc_7302p_firmware
  • epyc_7532
  • ryzen_9_pro_3900
  • ryzen_3_pro_4450u
  • ryzen_7_4700g
  • ryzen_7_3800x_firmware
  • ryzen_7_5700u
  • ryzen_9_3900xt
  • ryzen_5_3600
  • athlon_gold_7220u
  • epyc_7702_firmware
  • ryzen_5_3600xt
  • epyc_7f52_firmware
  • epyc_7702
  • epyc_7h12
  • ryzen_9_3950x
  • ryzen_9_pro_3900_firmware
  • ryzen_5_7520u
  • epyc_7662
  • ryzen_threadripper_pro_3975wx
  • ryzen_7_pro_4750ge_firmware
  • epyc_7502_firmware
  • epyc_7402_firmware
  • epyc_7402p_firmware
  • epyc_7662_firmware
  • epyc_7f32_firmware
  • ryzen_3_4300ge_firmware
  • epyc_7302
  • ryzen_3_pro_4350g
  • epyc_7642
  • epyc_7282_firmware
  • ryzen_5_pro_4650g_firmware
  • ryzen_5_3500x_firmware
  • ryzen_5_pro_4650ge
  • epyc_7542
  • ryzen_threadripper_3960x
  • epyc_7402p
  • ryzen_5_3600x_firmware
  • ryzen_7_3800x
  • ryzen_threadripper_3990x
  • ryzen_7_4700ge_firmware
  • ryzen_3_4300g_firmware
  • ryzen_5_pro_4400g
  • ryzen_7_pro_4750g_firmware
  • ryzen_3_4300ge
  • epyc_7352
  • ryzen_5_3500x
  • ryzen_9_3900x
  • ryzen_threadripper_pro_3955wx_firmware
  • ryzen_3_3100
  • epyc_7232p_firmware
  • epyc_7f72_firmware
  • epyc_7452_firmware
  • ryzen_3_pro_4200g
  • ryzen_3_pro_4200g_firmware
  • epyc_7232p
  • ryzen_5_3600xt_firmware
  • ryzen_7_3700x_firmware
  • epyc_7502p_firmware
  • ryzen_7_pro_4750u_firmware
  • epyc_7352_firmware
  • ryzen_9_3950x_firmware
  • ryzen_threadripper_pro_3995wx_firmware
  • ryzen_threadripper_pro_3975wx_firmware
  • ryzen_5_7520u_firmware
  • ryzen_3_7320u
  • ryzen_5_pro_4650ge_firmware
  • epyc_7262_firmware
  • ryzen_5_3600x
  • ryzen_5_5500u_firmware
  • ryzen_threadripper_3970x
  • epyc_7452
  • ryzen_threadripper_3960x_firmware
  • epyc_7542_firmware
  • ryzen_threadripper_pro_3945wx_firmware
  • ryzen_3_5300u
  • ryzen_9_3900x_firmware
  • epyc_7742
  • ryzen_threadripper_3990x_firmware
  • ryzen_7_3700x
  • ryzen_threadripper_pro_3945wx
  • ryzen_3_pro_4350ge_firmware
  • ryzen_3_7320u_firmware
  • ryzen_5_3500
  • ryzen_3_5300u_firmware
  • ryzen_5_4600g_firmware
  • ryzen_5_4600ge_firmware
  • ryzen_9_3900_firmware
  • ryzen_7_pro_4750g
  • epyc_7f72
  • epyc_7552_firmware
  • ryzen_5_3500_firmware
  • epyc_7272
  • epyc_7f32
  • epyc_7262
  • epyc_7h12_firmware
  • epyc_7702p_firmware
  • epyc_7252
  • epyc_7502p
  • epyc_7302p
  • ryzen_3_3300x_firmware
  • ryzen_7_3800xt
  • ryzen_3_pro_4350g_firmware
  • ryzen_7_pro_4750ge
  • epyc_7702p
  • epyc_7252_firmware
  • epyc_7552
  • epyc_7642_firmware
  • epyc_7f52
  • epyc_7272_firmware
  • ryzen_3_3300x
  • ryzen_7_4700g_firmware
  • ryzen_3_pro_4450u_firmware
  • ryzen_3_pro_4350ge
  • ryzen_5_4600g
  • ryzen_5_pro_4400g_firmware
  • ryzen_5_5500u
  • epyc_7402
  • ryzen_5_pro_4650g
  • athlon_gold_7220u_firmware
  • ryzen_9_3900
  • ryzen_7_pro_4750u
  • epyc_7302_firmware
  • ryzen_7_3800xt_firmware
  • epyc_7502
  • ryzen_7_4700ge
  • ryzen_5_4600ge
  • ryzen_threadripper_pro_3995wx
  • ryzen_3_3100_firmware
  • ryzen_7_5700u_firmware
  • epyc_7742_firmware
  • ryzen_9_3900xt_firmware
  • ryzen_5_3600_firmware
  • ryzen_threadripper_3970x_firmware

xen

  • xen

debian

  • debian_linux
CWE
NVD-CWE-Other CWE-209

Generation of Error Message Containing Sensitive Information