Multiple vulnerabilities in SEV-SNP firmware on AMD processors
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-31346 CVE-2023-31347 |
| CWE-ID | CWE-665 CWE-264 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
3rd Gen AMD EPYC Processors Hardware solutions / Firmware 4th Gen AMD EPYC Processors Hardware solutions / Firmware |
| Vendor | AMD |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper Initialization
EUVDB-ID: #VU94741
Risk: Low
CVSSv3.1: 2.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-31346
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper initialization in SEV Firmware. A local user can run a specially crafted application to access stale data from other guests.
MitigationInstall updates from vendor's website.
Vulnerable software versions3rd Gen AMD EPYC Processors: All versions
4th Gen AMD EPYC Processors: All versions
External linkshttp://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU94742
Risk: Low
CVSSv3.1: 2.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-31347
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to modify data on other guests.
The vulnerability exists due to improper privilege management in Secure_TSC, SEV firmware. A local user can cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.
MitigationInstall updates from vendor's website.
Vulnerable software versions3rd Gen AMD EPYC Processors: All versions
4th Gen AMD EPYC Processors: All versions
External linkshttp://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
