Vulnerability in Amd 3rd Gen Epyc™ Processors
CVE-2022-23830
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
EPSS: 0.001 (23.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 1.9 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N.
Affected products
- Amd 3rd Gen Epyc™ Processors — versions various
- Amd 4th Gen Epy™ Processors — versions various
- Amd Epyc™ Embedded 7003 — versions various
References
- www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 (vendor-advisory)
- www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 (vendor-advisory)
Frequently asked questions
- What is CVE-2022-23830?
- CVE-2022-23830 is a low-severity vulnerability in Amd 3rd Gen Epyc™ Processors. CVSS score: 1.9/10. Published 2023-11-14.
- How severe is CVE-2022-23830?
- Low severity. CVSS v3 base score is 1.9 out of 10.