CVE-2023-31355

Description

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Affected products

AMD / 3rd Gen AMD EPYC™ Processorsvarious – MilanPI 1.0.0.D
AMD / 4th Gen AMD EPYC™ Processorsvarious – GenoaPI 1.0.0.C
AMD / AMD EPYC™ Embedded 7003various – EmbMilanPI-SP3 1.0.0.9
AMD / AMD EPYC™ Embedded 9003various – EmbGenoaPI-SP5 1.0.0.7

References

MISChttps://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html