Vulnerability in Amd 3rd Gen Epyc™ Processors

CVE-2023-20519

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.

EPSS: 0.001 (18.9th percentile) — read the EPSS interpretation.

Affected products

Amd 3rd Gen Epyc™ Processors — versions various
Amd 4th Gen Epyc™ Processors — versions various

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 (vendor-advisory)