Vulnerability in Amd 3rd Gen Epyc™ Processors
CVE-2023-20594
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
EPSS: 0.001 (17.7th percentile) — read the EPSS interpretation.
Affected products
- Amd 3rd Gen Epyc™ Processors — versions various
- Amd Ryzen™ Embedded 7000 — versions EmbeddedAM5PI 1.0.0.1
- Amd Ryzen™ Embedded V3000 — versions Embedded-PI_FP7r2 1.0.0.B
- Amd Ryzen™ 3000 Series Desktop Processors “Matisse” — versions various
- Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics “Renoir” Am4 — versions various
- Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “Renoir” Fp6 — versions various
- Amd Ryzen™ 5000 Series Desktop Processors “Vermeer” — versions various
- Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics “Cezanne” — versions various
- Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics "Barcelo" — versions various
- Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “Cezanne” — versions various
Weakness classification (CWE)
References
- www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4007 (vendor-advisory)