CVE-2023-20588

Опубликовано: 08 авг. 2023

Источник: debian

EPSS Низкий

Описание

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	6.4.13-1		package
linux	fixed	5.10.197-1	bullseye	package
xen	fixed	4.17.2+55-g0b56bed864-1		package
xen	fixed	4.17.2+76-ge1f9cb16e2-1~deb12u1	bookworm	package
xen	end-of-life		bullseye	package
xen	end-of-life		buster	package

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html
https://git.kernel.org/linus/77245f1c3c6495521f6a3af082696ee2f8ce3921
https://git.kernel.org/linus/f58d6fbcb7c848b7f2469be339bc571f2e9d245b
https://xenbits.xen.org/xsa/advisory-439.html
https://github.com/xen-project/xen/commit/d7b78041dc819efde0350f27754a61cb01a93496

EPSS

Процентиль: 88%

0.03997

Низкий

CVE-2023-20588

CVSS3: 5.5

ubuntu

почти 2 года назад

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

CVE-2023-20588

CVSS3: 6

redhat

почти 2 года назад

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

CVE-2023-20588

CVSS3: 5.5

nvd

почти 2 года назад

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

CVE-2023-20588

msrc

больше 1 года назад

AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice

GHSA-6h77-2hc9-qm3w

CVSS3: 7.5

github

почти 2 года назад

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

EPSS

Процентиль: 88%

0.03997

Низкий