Skip to main content

Epyc 7003 Firmware CVE-2023-20594

MEDIUM
Access of Uninitialized Pointer (CWE-824)
2023-09-20 psirt@amd.com
Memory Corruption Information Disclosure Epyc 7003 Firmware Epyc 72F3 Firmware Epyc 7313 Firmware Epyc 7313P Firmware Epyc 7343 Firmware Epyc 7373X Firmware Epyc 73F3 Firmware Epyc 7443 Firmware Epyc 7413 Firmware Epyc 7443P Firmware Epyc 7453 Firmware Epyc 74F3 Firmware Epyc 7513 Firmware Epyc 7543 Firmware Epyc 7543P Firmware Epyc 7573X Firmware Epyc 75F3 Firmware Epyc 7643 Firmware Epyc 7663 Firmware Epyc 7713 Firmware Epyc 7713P Firmware Epyc 7743 Firmware Epyc 7763 Firmware Epyc 7773X Firmware Ryzen 3 3100 Firmware Ryzen 3 3200G Firmware Ryzen 3 3200Ge Firmware Ryzen 3 3200U Firmware Ryzen 3 3250C Firmware Ryzen 3 3250U Firmware Ryzen 3 3300 Firmware Ryzen 3 3300G Firmware Ryzen 3 3300U Firmware Ryzen 3 3300X Firmware Ryzen 3 3350U Firmware Ryzen 3 3450U Firmware Ryzen 3 3500C Firmware Ryzen 3 3500U Firmware Ryzen 3 3550H Firmware Ryzen 3 3580U Firmware Ryzen 3 3700C Firmware Ryzen 3 3700U Firmware Ryzen 3 3750H Firmware Ryzen 3 3780U Firmware Ryzen 3100 Firmware Ryzen 3300X Firmware Ryzen 3500 Firmware Ryzen 3500X Firmware Ryzen 3600 Firmware Ryzen 3600X Firmware Ryzen 3600Xt Firmware Ryzen 3800X Firmware Ryzen 3800Xt Firmware Ryzen 3900 Firmware Ryzen 3900X Firmware Ryzen 3900Xt Firmware Ryzen 3945Wx Firmware Ryzen 3950X Firmware Ryzen 3955Wx Firmware Ryzen 3960X Firmware Ryzen 3970X Firmware Ryzen 3975Wx Firmware Ryzen 3990X Firmware Ryzen 3995Wx Firmware Ryzen 5 5500 Firmware Ryzen 5 5500U Firmware Ryzen 5 5560U Firmware Ryzen 5 5600 Firmware Ryzen 5 5600G Firmware Ryzen 5 5600Ge Firmware Ryzen 5 5600H Firmware Ryzen 5 5600Hs Firmware Ryzen 5 5600U Firmware Ryzen 5 5600X Firmware Ryzen 5 5600X3D Firmware Ryzen 5 5625C Firmware Ryzen 5 5625U Firmware Ryzen 5 5700G Firmware Ryzen 5 5700Ge Firmware Ryzen 5300G Firmware Ryzen 5300Ge Firmware Ryzen 5500 Firmware Ryzen 5600 Firmware Ryzen 5600G Firmware Ryzen 5600Ge Firmware Ryzen 5600X Firmware Ryzen 5700G Firmware Ryzen 5700Ge Firmware Ryzen 5700X Firmware Ryzen 5800 Firmware Ryzen 5800X Firmware Ryzen 5800X3D Firmware Ryzen 5900 Firmware Ryzen 5900X Firmware Ryzen 5945Wx Firmware Ryzen 5950X Firmware Ryzen 5955Wx Firmware Ryzen 5965Wx Firmware Ryzen 5975Wx Firmware Ryzen 5995Wx Firmware Ryzen 4300G Firmware Ryzen 4300Ge Firmware Ryzen 4600G Firmware Ryzen 4600Ge Firmware Ryzen 4700G Firmware Ryzen 4700Ge Firmware Ryzen 4700S Firmware Ryzen Threadripper 3960X Firmware Ryzen Threadripper 3970X Firmware Ryzen Threadripper 3990X Firmware Ryzen Threadripper Pro 3795Wx Firmware Ryzen Threadripper Pro 3945Wx Firmware Ryzen Threadripper Pro 3955Wx Firmware Ryzen Threadripper Pro 3975Wx Firmware Ryzen Threadripper Pro 3995Wx Firmware Ryzen 6600H Firmware Ryzen 6600Hs Firmware Ryzen 6600U Firmware Ryzen 6800H Firmware Ryzen 6800Hs Firmware Ryzen 6800U Firmware Ryzen 6900Hs Firmware Ryzen 6900Hx Firmware Ryzen 6980Hs Firmware Ryzen 6980Hx Firmware
4.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 20, 2023 - 18:15 nvd
MEDIUM 4.4

DescriptionNVD

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

AnalysisAI

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-824. Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Affected products include: Amd Epyc 7003 Firmware, Amd Epyc 72F3 Firmware, Amd Epyc 7313 Firmware, Amd Epyc 7313P Firmware, Amd Epyc 7343 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-26335 HIGH
7.8 Nov 16

Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to us

CVE-2021-26331 HIGH
7.8 Nov 16

AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent

CVE-2021-26315 HIGH
7.8 Nov 16

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW,

CVE-2023-20531 HIGH
7.5 Jan 11

Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value

CVE-2023-20530 HIGH
7.5 Jan 11

Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resul

CVE-2023-20529 HIGH
7.5 Jan 11

Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value poten

CVE-2023-20527 MEDIUM
6.5 Jan 11

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, po

CVE-2023-20525 MEDIUM
6.5 Jan 11

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the b

CVE-2023-20523 MEDIUM
5.7 Jan 11

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of inte

CVE-2022-23824 MEDIUM
5.5 Nov 09

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential in

CVE-2021-26337 MEDIUM
5.5 Nov 16

Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address

CVE-2021-26336 MEDIUM
5.5 Nov 16

Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result

Share

CVE-2023-20594 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy