Vulnerability Description
Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amd | Epyc 8024Pn Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8024Pn | - |
| Amd | Epyc 8024P Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8024P | - |
| Amd | Epyc 8124Pn Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8124Pn | - |
| Amd | Epyc 8124P Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8124P | - |
| Amd | Epyc 8224Pn Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8224Pn | - |
| Amd | Epyc 8224P Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8224P | - |
| Amd | Epyc 8324Pn Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8324Pn | - |
| Amd | Epyc 8324P Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8324P | - |
| Amd | Epyc 8434Pn Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8434Pn | - |
| Amd | Epyc 8434P Firmware | < genoapi_1.0.0.8 |
| Amd | Epyc 8434P | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2023-20591?
CVE-2023-20591 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in ...
How severe is CVE-2023-20591?
CVE-2023-20591 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-20591?
Check the references section above for vendor advisories and patch information. Affected products include: Amd Epyc 8024Pn Firmware, Amd Epyc 8024Pn, Amd Epyc 8024P Firmware, Amd Epyc 8024P, Amd Epyc 8124Pn Firmware.