CVE-2023-20593

Summary

CVE	CVE-2023-20593
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-07-24 20:15:00 UTC
Updated	2023-09-25 21:15:00 UTC
Description	An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Amd	Athlon Gold 7220u	-	All	All	All
Operating System	Amd	Athlon Gold 7220u Firmware	-	All	All	All
Hardware	Amd	Epyc 7232p	-	All	All	All
Operating System	Amd	Epyc 7232p Firmware	-	All	All	All
Hardware	Amd	Epyc 7252	-	All	All	All
Operating System	Amd	Epyc 7252 Firmware	-	All	All	All
Hardware	Amd	Epyc 7262	-	All	All	All
Operating System	Amd	Epyc 7262 Firmware	-	All	All	All
Hardware	Amd	Epyc 7272	-	All	All	All
Operating System	Amd	Epyc 7272 Firmware	-	All	All	All
Hardware	Amd	Epyc 7282	-	All	All	All
Operating System	Amd	Epyc 7282 Firmware	-	All	All	All
Hardware	Amd	Epyc 7302	-	All	All	All
Hardware	Amd	Epyc 7302p	-	All	All	All
Operating System	Amd	Epyc 7302p Firmware	-	All	All	All
Operating System	Amd	Epyc 7302 Firmware	-	All	All	All
Hardware	Amd	Epyc 7352	-	All	All	All
Operating System	Amd	Epyc 7352 Firmware	-	All	All	All
Hardware	Amd	Epyc 7402	-	All	All	All
Hardware	Amd	Epyc 7402p	-	All	All	All
Operating System	Amd	Epyc 7402p Firmware	-	All	All	All
Operating System	Amd	Epyc 7402 Firmware	-	All	All	All
Hardware	Amd	Epyc 7452	-	All	All	All
Operating System	Amd	Epyc 7452 Firmware	-	All	All	All
Hardware	Amd	Epyc 7502	-	All	All	All
Hardware	Amd	Epyc 7502p	-	All	All	All
Operating System	Amd	Epyc 7502p Firmware	-	All	All	All
Operating System	Amd	Epyc 7502 Firmware	-	All	All	All
Hardware	Amd	Epyc 7532	-	All	All	All
Operating System	Amd	Epyc 7532 Firmware	-	All	All	All
Hardware	Amd	Epyc 7542	-	All	All	All
Operating System	Amd	Epyc 7542 Firmware	-	All	All	All
Hardware	Amd	Epyc 7552	-	All	All	All
Operating System	Amd	Epyc 7552 Firmware	-	All	All	All
Hardware	Amd	Epyc 7642	-	All	All	All
Operating System	Amd	Epyc 7642 Firmware	-	All	All	All
Hardware	Amd	Epyc 7662	-	All	All	All
Operating System	Amd	Epyc 7662 Firmware	-	All	All	All
Hardware	Amd	Epyc 7702	-	All	All	All
Hardware	Amd	Epyc 7702p	-	All	All	All
Operating System	Amd	Epyc 7702p Firmware	-	All	All	All
Operating System	Amd	Epyc 7702 Firmware	-	All	All	All
Hardware	Amd	Epyc 7742	-	All	All	All
Operating System	Amd	Epyc 7742 Firmware	-	All	All	All
Hardware	Amd	Epyc 7f32	-	All	All	All
Operating System	Amd	Epyc 7f32 Firmware	-	All	All	All
Hardware	Amd	Epyc 7f52	-	All	All	All
Operating System	Amd	Epyc 7f52 Firmware	-	All	All	All
Hardware	Amd	Epyc 7f72	-	All	All	All
Operating System	Amd	Epyc 7f72 Firmware	-	All	All	All
Hardware	Amd	Epyc 7h12	-	All	All	All
Operating System	Amd	Epyc 7h12 Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 3100	-	All	All	All
Operating System	Amd	Ryzen 3 3100 Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 3300x	-	All	All	All
Operating System	Amd	Ryzen 3 3300x Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 4300g	-	All	All	All
Hardware	Amd	Ryzen 3 4300ge	-	All	All	All
Operating System	Amd	Ryzen 3 4300ge Firmware	-	All	All	All
Operating System	Amd	Ryzen 3 4300g Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 5300u	-	All	All	All
Operating System	Amd	Ryzen 3 5300u Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 7320u	-	All	All	All
Operating System	Amd	Ryzen 3 7320u Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 Pro 4200g	-	All	All	All
Operating System	Amd	Ryzen 3 Pro 4200g Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 Pro 4350g	-	All	All	All
Hardware	Amd	Ryzen 3 Pro 4350ge	-	All	All	All
Operating System	Amd	Ryzen 3 Pro 4350ge Firmware	-	All	All	All
Operating System	Amd	Ryzen 3 Pro 4350g Firmware	-	All	All	All
Hardware	Amd	Ryzen 3 Pro 4450u	-	All	All	All
Operating System	Amd	Ryzen 3 Pro 4450u Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 3500	-	All	All	All
Hardware	Amd	Ryzen 5 3500x	-	All	All	All
Operating System	Amd	Ryzen 5 3500x Firmware	-	All	All	All
Operating System	Amd	Ryzen 5 3500 Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 3600	-	All	All	All
Hardware	Amd	Ryzen 5 3600x	-	All	All	All
Hardware	Amd	Ryzen 5 3600xt	-	All	All	All
Operating System	Amd	Ryzen 5 3600xt Firmware	-	All	All	All
Operating System	Amd	Ryzen 5 3600x Firmware	-	All	All	All
Operating System	Amd	Ryzen 5 3600 Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 4600g	-	All	All	All
Hardware	Amd	Ryzen 5 4600ge	-	All	All	All
Operating System	Amd	Ryzen 5 4600ge Firmware	-	All	All	All
Operating System	Amd	Ryzen 5 4600g Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 5500u	-	All	All	All
Operating System	Amd	Ryzen 5 5500u Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 7520u	-	All	All	All
Operating System	Amd	Ryzen 5 7520u Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 Pro 4400g	-	All	All	All
Operating System	Amd	Ryzen 5 Pro 4400g Firmware	-	All	All	All
Hardware	Amd	Ryzen 5 Pro 4650g	-	All	All	All
Hardware	Amd	Ryzen 5 Pro 4650ge	-	All	All	All
Operating System	Amd	Ryzen 5 Pro 4650ge Firmware	-	All	All	All
Operating System	Amd	Ryzen 5 Pro 4650g Firmware	-	All	All	All
Hardware	Amd	Ryzen 7 3700x	-	All	All	All
Operating System	Amd	Ryzen 7 3700x Firmware	-	All	All	All
Hardware	Amd	Ryzen 7 3800x	-	All	All	All
Hardware	Amd	Ryzen 7 3800xt	-	All	All	All
Operating System	Amd	Ryzen 7 3800xt Firmware	-	All	All	All
Operating System	Amd	Ryzen 7 3800x Firmware	-	All	All	All
Hardware	Amd	Ryzen 7 4700g	-	All	All	All
Hardware	Amd	Ryzen 7 4700ge	-	All	All	All
Operating System	Amd	Ryzen 7 4700ge Firmware	-	All	All	All
Operating System	Amd	Ryzen 7 4700g Firmware	-	All	All	All
Hardware	Amd	Ryzen 7 5700u	-	All	All	All
Operating System	Amd	Ryzen 7 5700u Firmware	-	All	All	All
Hardware	Amd	Ryzen 7 Pro 4750g	-	All	All	All
Hardware	Amd	Ryzen 7 Pro 4750ge	-	All	All	All
Operating System	Amd	Ryzen 7 Pro 4750ge Firmware	-	All	All	All
Operating System	Amd	Ryzen 7 Pro 4750g Firmware	-	All	All	All
Hardware	Amd	Ryzen 7 Pro 4750u	-	All	All	All
Operating System	Amd	Ryzen 7 Pro 4750u Firmware	-	All	All	All
Hardware	Amd	Ryzen 9 3900	-	All	All	All
Hardware	Amd	Ryzen 9 3900x	-	All	All	All
Hardware	Amd	Ryzen 9 3900xt	-	All	All	All
Operating System	Amd	Ryzen 9 3900xt Firmware	-	All	All	All
Operating System	Amd	Ryzen 9 3900x Firmware	-	All	All	All
Operating System	Amd	Ryzen 9 3900 Firmware	-	All	All	All
Hardware	Amd	Ryzen 9 3950x	-	All	All	All
Operating System	Amd	Ryzen 9 3950x Firmware	-	All	All	All
Hardware	Amd	Ryzen 9 Pro 3900	-	All	All	All
Operating System	Amd	Ryzen 9 Pro 3900 Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper 3960x	-	All	All	All
Operating System	Amd	Ryzen Threadripper 3960x Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper 3970x	-	All	All	All
Operating System	Amd	Ryzen Threadripper 3970x Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper 3990x	-	All	All	All
Operating System	Amd	Ryzen Threadripper 3990x Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper Pro 3945wx	-	All	All	All
Operating System	Amd	Ryzen Threadripper Pro 3945wx Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper Pro 3955wx	-	All	All	All
Operating System	Amd	Ryzen Threadripper Pro 3955wx Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper Pro 3975wx	-	All	All	All
Operating System	Amd	Ryzen Threadripper Pro 3975wx Firmware	-	All	All	All
Hardware	Amd	Ryzen Threadripper Pro 3995wx	-	All	All	All
Operating System	Amd	Ryzen Threadripper Pro 3995wx Firmware	-	All	All	All
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	11.0	All	All	All
Operating System	Debian	Debian Linux	12.0	All	All	All
Operating System	Xen	Xen	4.14.0	All	All	All
Operating System	Xen	Xen	4.15.0	All	All	All
Operating System	Xen	Xen	4.16.0	All	All	All
Operating System	Xen	Xen	4.17.0	All	All	All

References

Reference	Source	Link	Tags
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
oss-security - Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
[SECURITY] Fedora 37 Update: xen-4.16.5-1.fc37 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
Debian -- Security Information -- DSA-5459-1 amd64-microcode	MISC	www.debian.org
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
[SECURITY] [DLA 3508-1] linux security update	MISC	lists.debian.org
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
[SECURITY] [DLA 3511-1] amd64-microcode security update	MISC	lists.debian.org
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
oss-security - Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
[SECURITY] Fedora 38 Update: spectre-meltdown-checker-0.46-1.fc38 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
Debian -- Security Information -- DSA-5461-1 linux	MISC	www.debian.org
oss-security - Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
oss-security - Re: illumos (or at least danmcd) membership in the distros list	MISC	www.openwall.com
[SECURITY] [DLA 3512-1] linux-5.10 security update	MISC	lists.debian.org
Zenbleed	MISC	cmpxchg8b.com
oss-security - Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
oss-security - Xen Security Advisory 433 v2 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008	MISC	www.amd.com
Debian -- Security Information -- DSA-5462-1 linux	MISC	www.debian.org
oss-security - Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak	MISC	www.openwall.com
oss-security - Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
SecLists.Org Security Mailing List Archive	MISC	seclists.org
XSA-433 - Xen Security Advisories	MISC	xenbits.xen.org
oss-security - Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed	MISC	www.openwall.com
oss-security - Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak	MISC	www.openwall.com
oss-security - Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors	MISC	www.openwall.com
[SECURITY] Fedora 38 Update: xen-4.17.1-9.fc38 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
oss-security - Re: illumos (or at least danmcd) membership in the distros list	MISC	www.openwall.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160810 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12654)
160811 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12656)
160813 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12657)
160814 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12655)
160819 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12692)
160820 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12689)
160821 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12691)
160822 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-12690)
160943 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-12836)
160948 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-12839)
161023 Oracle Enterprise Linux Security Update for linux-firmware (ELSA-2023-5068)
199609 Ubuntu Security Notification for AMD Microcode Vulnerability (USN-6244-1)
199764 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6385-1)
199784 Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-6397-1)
199979 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6532-1)
242070 Red Hat Update for kernel security (RHSA-2023:5244)
242075 Red Hat Update for kernel-rt (RHSA-2023:5255)
242078 Red Hat Update for linux-firmware (RHSA-2023:5245)
242145 Red Hat Update for linux-firmware (RHSA-2023:5591)
242156 Red Hat Update for linux-firmware (RHSA-2023:5607)
242481 Red Hat Update for kernel (RHSA-2023:7382)
242483 Red Hat Update for kernel-rt (RHSA-2023:7389)
242515 Red Hat Update for kernel (RHSA-2023:7557)
242528 Red Hat Update for kernel-rt (RHSA-2023:7551)
242548 Red Hat Update for linux-firmware (RHSA-2023:7665)
242579 Red Hat Update for linux-firmware (RHSA-2023:7513)
242606 Red Hat Update for linux-firmware (RHSA-2023:7401)
242762 Red Hat Update for kernel (RHSA-2024:0403)
242832 Red Hat Update for linux-firmware (RHSA-2024:0561)
242862 Red Hat Update for kernel-rt (RHSA-2024:0402)
257254 CentOS Security Update for kernel
257272 Centos Security Update for linux-firmware
257284 CentOS Security Update for linux-firmware (CESA-2023:7513)
284364 Fedora Security Update for xen (FEDORA-2023-0d6aa10621)
284431 Fedora Security Update for spectre (FEDORA-2023-7228464f28)
355772 Amazon Linux Security Advisory for linux-firmware : ALAS2-2023-2190
355796 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2023-025
355798 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2023-050
355815 Amazon Linux Security Advisory for kernel : ALAS2023-2023-285
355817 Amazon Linux Security Advisory for linux-firmware : ALAS2023-2023-284
378928 Alibaba Cloud Linux Security Update for linux-firmware (ALINUX3-SA-2023:0123)
379043 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)
379090 IBM QRadar SIEM Multiple Security Vulnerabilities (7070736)
379274 Alibaba Cloud Linux Security Update for linux-firmware (ALINUX2-SA-2023:0049)
379435 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2024:0012)
503055 Alpine Linux Security Update for xen
503056 Alpine Linux Security Update for xen
503147 Alpine Linux Security Update for xen
505968 Alpine Linux Security Update for xen
6000008 Debian Security Update for linux (DSA 5461-1)
6000111 Debian Security Update for amd64-microcode (DLA 3511-1)
6000130 Debian Security Update for linux-5.10 (DLA 3512-1)
6000136 Debian Security Update for linux (DLA 3508-1)
6000198 Debian Security Update for linux (DSA 5462-1)
6000201 Debian Security Update for amd64-microcode (DSA 5459-1)
6140183 AWS Bottlerocket Security Update for microcode (GHSA-rjpv-g34v-wqch)
6140353 AWS Bottlerocket Security Update for kernel (GHSA-r4q9-f8pr-hw82)
673644 EulerOS Security Update for kernel (EulerOS-SA-2023-3336)
673848 EulerOS Security Update for kernel (EulerOS-SA-2023-3217)
673899 EulerOS Security Update for linux-firmware (EulerOS-SA-2023-3137)
754219 SUSE Enterprise Linux Security Update for kernel-firmware (SUSE-SU-2023:3001-1)
754221 SUSE Enterprise Linux Security Update for kernel-firmware (SUSE-SU-2023:3020-1)
754254 SUSE Enterprise Linux Security Update for kernel-firmware (SUSE-SU-2023:3206-1)
754281 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3349-1)
754997 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2023:3895-1)
754998 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2023:3894-1)
754999 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2023:3903-1)
755000 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2023:3902-1)
755983 SUSE Enterprise Linux Security Update for spectre-meltdown-checker (SUSE-SU-2024:0885-1)
755984 SUSE Enterprise Linux Security Update for spectre-meltdown-checker (SUSE-SU-2024:0884-1)
941249 AlmaLinux Security Update for kernel (ALSA-2023:5069)
941254 AlmaLinux Security Update for kernel-rt (ALSA-2023:5091)
941276 AlmaLinux Security Update for kernel (ALSA-2023:5244)
941280 AlmaLinux Security Update for linux-firmware (ALSA-2023:5245)
941286 AlmaLinux Security Update for linux-firmware (ALSA-2023:5068)
961015 Rocky Linux Security Update for kernel-rt (RLSA-2023:5091)
961022 Rocky Linux Security Update for kernel (RLSA-2023:5244)