CVE-2023-20588 - OpenCVE

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Amd	Epyc 7371 Firmware Athlon Gold Pro 3150ge Epyc 7351p Epyc 7281 Firmware Ryzen 3 Pro 3200ge Epyc 7301 Firmware Athlon Gold 3150ge Firmware Epyc 7251 Athlon Gold 3150ge Ryzen 3 3200g Firmware Epyc 7251 Firmware Ryzen 5 Pro 3400ge Ryzen 5 Pro 3350g Epyc 7281 Ryzen 3 Pro 3200ge Firmware Athlon Gold 3150g Firmware Ryzen 3 3200ge Ryzen 5 Pro 3400g Firmware Epyc 7571 Ryzen 5 Pro 3400ge Firmware Epyc 7501 Athlon Pro 300ge Firmware Athlon Gold 3150g Athlon Silver 3050ge Ryzen 5 Pro 3350g Firmware Epyc 7401 Firmware Ryzen 5 3400g Ryzen 5 3400g Firmware Epyc 7351 Firmware Epyc 7571 Firmware Ryzen 3 Pro 3200g Firmware Epyc 7401p Firmware Ryzen 3 3200g Epyc 7451 Epyc 7501 Firmware Ryzen 5 Pro 3400g Athlon Gold Pro 3150ge Firmware Epyc 7551 Firmware Epyc 7601 Firmware Epyc 7401 Athlon Silver 3050ge Firmware Epyc 7261 Firmware Ryzen 5 Pro 3350ge Firmware Ryzen 3 3200ge Firmware Athlon Gold Pro 3150g Firmware Epyc 7401p Epyc 7551p Firmware Epyc 7601 Epyc 7351p Firmware Epyc 7301 Epyc 7551p Epyc 7371 Ryzen 3 Pro 3200g Epyc 7451 Firmware Athlon Gold Pro 3150g Athlon Pro 300ge Ryzen 5 Pro 3350ge Athlon Silver Pro 3125ge Firmware Epyc 7351 Athlon Silver Pro 3125ge Epyc 7261 Epyc 7551
Microsoft	Windows 10 1507 Windows 10 21h2 Windows Server 2008 Windows 10 22h2 Windows Server 2012 Windows 10 1809 Windows 11 21h2 Windows Server 2022 23h2 Windows Server 2016 Windows Server 2019 Windows 11 23h2 Windows 11 22h2 Windows 10 1607
Xen	Xen
Fedoraproject	Fedora
Debian	Debian Linux

Configuration 1 [-]

OR	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:debian:debian_linux:12.0:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:amd:epyc_7351p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7351p:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:amd:epyc_7401p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7401p:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:amd:epyc_7551p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7551p:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:amd:epyc_7251_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7251:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:amd:epyc_7261_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7261:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:amd:epyc_7281_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7281:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:amd:epyc_7301_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7301:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:amd:epyc_7351_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7351:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:amd:epyc_7371_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7371:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:amd:epyc_7401_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7401:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:amd:epyc_7451_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7451:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:amd:epyc_7501_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7501:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:amd:epyc_7551_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7551:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:amd:epyc_7571_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7571:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:amd:epyc_7601_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:epyc_7601:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_5_pro_3400g:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_5_3400g:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_5_pro_3400ge:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_5_pro_3350g:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_5_pro_3350ge:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_3_pro_3200g:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_3_3200g:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_3_3200ge:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:ryzen_3_pro_3200ge:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_pro_300ge:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_gold_3150ge:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_gold_pro_3150ge:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:amd:athlon_gold_3150g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_gold_3150g:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_gold_pro_3150g:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:amd:athlon_silver_3050ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_silver_3050ge:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:amd:athlon_silver_pro_3125ge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:amd:athlon_silver_pro_3125ge:-:*:*:*:*:*:*:*

Configuration 33 [-]

cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*

Configuration 34 [-]

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*
	cpe:2.3:o:fedoraproject:fedora:39:::::::*

Configuration 35 [-]

OR	cpe:2.3:o:microsoft:windows_10_1507::::::::
	cpe:2.3:o:microsoft:windows_10_1607::::::::
	cpe:2.3:o:microsoft:windows_10_1809::::::::
	cpe:2.3:o:microsoft:windows_10_21h2::::::::
	cpe:2.3:o:microsoft:windows_10_22h2::::::::
	cpe:2.3:o:microsoft:windows_11_21h2::::::::
	cpe:2.3:o:microsoft:windows_11_22h2::::::::
	cpe:2.3:o:microsoft:windows_11_23h2::::::::
	cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
	cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*
	cpe:2.3:o:microsoft:windows_server_2016::::::::
	cpe:2.3:o:microsoft:windows_server_2019::::::::
	cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::

References

Link	Resource
http://www.openwall.com/lists/oss-security/2023/09/25/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/25/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/25/5	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/25/7	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/25/8	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/26/5	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/26/8	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/26/9	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/09/27/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/03/12	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/03/13	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/03/14	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/03/15	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/03/16	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/03/9	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/04/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/04/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/04/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/04/4	Mailing List Third Party Advisory
http://xenbits.xen.org/xsa/advisory-439.html	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/	Mailing List
https://security.netapp.com/advisory/ntap-20240531-0005/
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007	Vendor Advisory
https://www.debian.org/security/2023/dsa-5480	Third Party Advisory
https://www.debian.org/security/2023/dsa-5492	Third Party Advisory