Buffer overflow in Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics

CVE-2023-31364

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of ser…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (19.6th percentile) — read the EPSS interpretation.

Affected products

Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions No Fix Planned
Amd Epyc™ 7001 Series Processors — versions NaplesPI 1.0.0.R
Amd Epyc™ 7002 Series Processors — versions RomePI 1.0.0.N
Amd Epyc™ 7003 Series Processors — versions MilanPI 1.0.0.H
Amd Epyc™ 8004 Series Processors — versions GenoaPI 1.0.0.G
Amd Epyc™ 9004 Series Processors — versions GenoaPI 1.0.0.G
Amd Epyc™ 9005 Series Processors — versions TurinPI 1.0.0.7
Amd Epyc™ Embedded 3000 Series Processors — versions SnowyOwl_SP4_SP4r2.1.1.0.H
Amd Epyc™ Embedded 7002 Series Processors — versions EmbRomePI-SP3 1.0.0.F
Amd Epyc™ Embedded 7003 Series Processors — versions EmbMilanPI-SP3 v9 1.0.0.C

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html