Vulnerability Description
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amd | Milanpi-Sp3 Firmware | < 1.0.0.9 |
| Amd | Milanpi-Sp3 | - |
| Amd | Romepi Firmware | < 1.0.0.e |
| Amd | Romepi | - |
Related Weaknesses (CWE)
References
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032Vendor Advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032Vendor Advisory
FAQ
What is CVE-2022-23813?
CVE-2022-23813 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment.
How severe is CVE-2022-23813?
CVE-2022-23813 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-23813?
Check the references section above for vendor advisories and patch information. Affected products include: Amd Milanpi-Sp3 Firmware, Amd Milanpi-Sp3, Amd Romepi Firmware, Amd Romepi.