Vulnerability Description
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVSS Score
6.0
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amd | Epyc 7773X Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7773X | - |
| Amd | Epyc 7763 Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7763 | - |
| Amd | Epyc 7713 Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7713 | - |
| Amd | Epyc 7713P Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7713P | - |
| Amd | Epyc 7663 Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7663 | - |
| Amd | Epyc 7663P Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7663P | - |
| Amd | Epyc 7643 Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7643 | - |
| Amd | Epyc 7643P Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7643P | - |
| Amd | Epyc 7573X Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 7573X | - |
| Amd | Epyc 75F3 Firmware | < milanpi_1.0.0.c |
| Amd | Epyc 75F3 | - |
Related Weaknesses (CWE)
References
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007Vendor Advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007Vendor Advisory
FAQ
What is CVE-2023-31346?
CVE-2023-31346 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
How severe is CVE-2023-31346?
CVE-2023-31346 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-31346?
Check the references section above for vendor advisories and patch information. Affected products include: Amd Epyc 7773X Firmware, Amd Epyc 7773X, Amd Epyc 7763 Firmware, Amd Epyc 7763, Amd Epyc 7713 Firmware.