Skip to main content

Fedora CVE-2023-20569

MEDIUM
Observable Discrepancy (CWE-203)
2023-08-08 psirt@amd.com
Amd Information Disclosure Fedora Debian Linux Ryzen 9 5950X Firmware Ryzen 9 5900X Firmware Ryzen 9 5900 Firmware Ryzen 9 Pro 5945 Firmware Ryzen 7 5800X3D Firmware Ryzen 7 5800X Firmware Ryzen 7 5800 Firmware Ryzen 7 5700X Firmware Ryzen 7 Pro 5845 Firmware Ryzen 5 5600X3D Firmware Ryzen 5 5600X Firmware Ryzen 5 5600 Firmware Ryzen 5 Pro 5645 Firmware Ryzen 7 5700 Firmware Ryzen 5 5500 Firmware Ryzen 3 5100 Firmware Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware Ryzen 5 5600G Firmware Ryzen 5 5600Ge Firmware Ryzen 3 5300G Firmware Ryzen 3 5300Ge Firmware Ryzen 9 7950X3D Firmware Ryzen 9 7950X Firmware Ryzen 9 7900X3D Firmware Ryzen 9 7900X Firmware Ryzen 9 7900 Firmware Ryzen 9 Pro 7945 Firmware Ryzen 7 7800X3D Firmware Ryzen 7 7700X Firmware Ryzen 7 7700 Firmware Ryzen 7 Pro 7745 Firmware Ryzen 5 7600X Firmware Ryzen 5 7600 Firmware Ryzen 5 Pro 7645 Firmware Ryzen 5 7500F Firmware Ryzen Threadripper Pro 5995Wx Firmware Ryzen Threadripper Pro 5975Wx Firmware Ryzen Threadripper Pro 5965Wx Firmware Ryzen Threadripper Pro 5955Wx Firmware Ryzen Threadripper Pro 5945Wx Firmware Ryzen 7 5700U Firmware Ryzen 5 5500U Firmware Ryzen 3 5300U Firmware Ryzen 9 5980Hx Firmware Ryzen 9 5980Hs Firmware Ryzen 9 5900Hx Firmware Ryzen 9 5900Hs Firmware Ryzen 7 5800H Firmware Ryzen 7 5800Hs Firmware Ryzen 7 5825U Firmware Ryzen 7 5800U Firmware Ryzen 5 5600H Firmware Ryzen 5 5600Hs Firmware Ryzen 5 5625U Firmware Ryzen 5 5600U Firmware Ryzen 5 5560U Firmware Ryzen 3 5425U Firmware Ryzen 3 5400U Firmware Ryzen 3 5125C Firmware Ryzen 9 6980Hx Firmware Ryzen 9 6980Hs Firmware Ryzen 9 6900Hx Firmware Ryzen 9 6900Hs Firmware Ryzen 7 6800H Firmware Ryzen 7 6800Hs Firmware Ryzen 7 6800U Firmware Ryzen 5 6600H Firmware Ryzen 5 6600Hs Firmware Ryzen 5 6600U Firmware Ryzen 7 7735Hs Firmware Ryzen 7 7736U Firmware Ryzen 7 7735U Firmware Ryzen 5 7535Hs Firmware Ryzen 5 7535U Firmware Ryzen 3 7335U Firmware Ryzen 7 Pro 7730U Firmware Ryzen 5 Pro 7530U Firmware Ryzen 3 Pro 7330U Firmware Ryzen 9 Pro 7640Hs Firmware Ryzen 9 7940H Firmware Ryzen 7 Pro 7840Hs Firmware Ryzen 7 7840H Firmware Ryzen 7 7840U Firmware Ryzen 5 Pro 7640Hs Firmware Ryzen 5 7640H Firmware Ryzen 5 7640U Firmware Ryzen 5 7540U Firmware Ryzen 3 7440U Firmware Ryzen 9 7945Hx3D Firmware Ryzen 9 7945Hx Firmware Ryzen 9 7845Hx Firmware Ryzen 7 7745Hx Firmware Ryzen 5 7645Hx Firmware Epyc 7773X Firmware Epyc 7763 Firmware Epyc 7713 Firmware Epyc 7713P Firmware Epyc 7663 Firmware Epyc 7643 Firmware Epyc 7573X Firmware Epyc 75F3 Firmware Epyc 7543 Firmware Epyc 7543P Firmware Epyc 7513 Firmware Epyc 7453 Firmware Epyc 7473X Firmware Epyc 74F3 Firmware Epyc 7443 Firmware Epyc 7443P Firmware Epyc 7413 Firmware Epyc 7373X Firmware Epyc 73F3 Firmware Epyc 7343 Firmware Epyc 7313 Firmware Epyc 7313P Firmware Epyc 72F3 Firmware Epyc 9124 Firmware Epyc 9224 Firmware Epyc 9254 Firmware Epyc 9334 Firmware Epyc 9354 Firmware Epyc 9354P Firmware Epyc 9174F Firmware Epyc 9184X Firmware Epyc 9274F Firmware Epyc 9374F Firmware Epyc 9384X Firmware Epyc 9474F Firmware Epyc 9454 Firmware Epyc 9454P Firmware Epyc 9534 Firmware Epyc 9554 Firmware Epyc 9554P Firmware Epyc 9634 Firmware Epyc 9654 Firmware Epyc 9654P Firmware Epyc 9684X Firmware Epyc 9734 Firmware Epyc 9754S Firmware Epyc 9754 Firmware Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 Windows 11 22h2 Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 Windows Server 2022
4.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.7 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 08, 2023 - 18:15 nvd
MEDIUM 4.7

DescriptionNVD

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

AnalysisAI

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-203. A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Affected products include: Fedoraproject Fedora, Debian Debian Linux, Amd Ryzen 9 5950X Firmware, Amd Ryzen 9 5900X Firmware, Amd Ryzen 9 5900 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-49113 CRITICAL POC
9.9 Jun 02

Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au

CVE-2026-24061 CRITICAL POC
9.8 Jan 21

GNU Inetutils telnetd through version 2.7 contains a critical authentication bypass that allows remote attackers to gain

CVE-2025-32433 CRITICAL POC
10.0 Apr 16

Erlang/OTP SSH server allows unauthenticated remote code execution by exploiting a flaw in SSH protocol message handling

CVE-2017-11610 HIGH POC
8.8 Aug 23

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem

CVE-2015-0235 CRITICAL POC
10.0 Jan 28

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,

CVE-2014-3704 HIGH POC
7.5 Oct 16

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct

CVE-2013-0156 HIGH POC
7.5 Jan 13

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an

CVE-2017-12629 CRITICAL POC
9.8 Oct 14

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction wi

CVE-2017-14492 CRITICAL POC
9.8 Oct 03

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut

CVE-2014-2323 CRITICAL POC
9.8 Mar 14

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary

CVE-2016-2098 HIGH POC
7.3 Apr 07

Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to e

CVE-2016-6662 CRITICAL POC
9.8 Sep 20

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.2

Share

CVE-2023-20569 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy