First published: Sat Nov 18 2023(Updated: )
AMD SEV-SNP Firmware could allow a local authenticated attacker to obtain sensitive information, caused by the failure to initialize memory. By sending a specially crafted request, an attacker could exploit this vulnerability to access stale data from other guests, and use this information to launch further attacks against the affected system.
Credit: psirt@amd.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security QRadar | <=7.5 - 7.5.0 UP9 IF03 | |
IBM Security QRadar Incident Forensics | <=7.5 - 7.5.0 UP9 IF03 | |
All of | ||
AMD EPYC 7773X Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7773X Firmware | ||
All of | ||
AMD EPYC 7763 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7763 Firmware | ||
All of | ||
AMD EPYC 7713P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7713 Firmware | ||
All of | ||
AMD EPYC 7713P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7713P Firmware | ||
All of | ||
AMD EPYC 7663 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7663 Firmware | ||
All of | ||
AMD EPYC 7663P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7663P Firmware | ||
All of | ||
AMD EPYC 7643P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7643 Firmware | ||
All of | ||
AMD EPYC Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7643P Firmware | ||
All of | ||
AMD EPYC 7573X Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7573X Firmware | ||
All of | ||
AMD EPYC 75F3 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 75F3 Firmware | ||
All of | ||
Amd Epyc Server Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7543 Firmware | ||
All of | ||
AMD EPYC 7543P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7543P Firmware | ||
All of | ||
AMD EPYC 7513 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7513 Firmware | ||
All of | ||
Amd Epyc Server Firmware | <milanpi_1.0.0.c | |
AMD EPYC Server | ||
All of | ||
AMD EPYC 7473X Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7473X Firmware | ||
All of | ||
AMD EPYC 74F3 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 74F3 Firmware | ||
All of | ||
AMD EPYC 7443P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7443P | ||
All of | ||
AMD EPYC 7443P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7443P Firmware | ||
All of | ||
AMD EPYC 7413 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7413 Firmware | ||
All of | ||
AMD EPYC 7373X Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7373X Firmware | ||
All of | ||
AMD EPYC 73F3 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 73F3 Firmware | ||
All of | ||
Amd Epyc Server Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7343 Firmware | ||
All of | ||
AMD EPYC Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7313 Firmware | ||
All of | ||
AMD EPYC 7313P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7313P Firmware | ||
All of | ||
AMD EPYC 7303 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7303 Firmware | ||
All of | ||
AMD EPYC 7303P Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7303P | ||
All of | ||
AMD EPYC 72F3 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 72F3 Firmware | ||
All of | ||
AMD EPYC 7203 Firmware | <milanpi_1.0.0.c | |
AMD EPYC 72F3 Firmware | ||
All of | ||
AMD EPYC Firmware | <milanpi_1.0.0.c | |
AMD EPYC 7203P Firmware | ||
All of | ||
AMD EPYC 8024PN Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8024PN Firmware | ||
All of | ||
AMD EPYC 8024PN Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8024PN Firmware | ||
All of | ||
AMD EPYC Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8124P Firmware | ||
All of | ||
AMD EPYC 8124PN | <genoapi_1.0.0.b | |
AMD EPYC 8124PN Firmware | ||
All of | ||
AMD EPYC 8224PN Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8224P Firmware | ||
All of | ||
AMD EPYC 8224PN Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8224PN Firmware | ||
All of | ||
AMD EPYC 8324P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8324P Firmware | ||
All of | ||
AMD EPYC 8324PN Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8324PN Firmware | ||
All of | ||
AMD EPYC 8434P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8434P Firmware | ||
All of | ||
AMD EPYC 8434P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8434PN Firmware | ||
All of | ||
AMD EPYC Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8534P Firmware | ||
All of | ||
AMD EPYC 8534PN Firmware | <genoapi_1.0.0.b | |
AMD EPYC 8534PN Firmware | ||
All of | ||
AMD EPYC 9124 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9124 Firmware | ||
All of | ||
AMD EPYC 9224 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9224 | ||
All of | ||
AMD EPYC 9254 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9254 Firmware | ||
All of | ||
AMD EPYC 9334 firmware | <genoapi_1.0.0.b | |
AMD EPYC 9334 firmware | ||
All of | ||
AMD EPYC 9354 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9354P | ||
All of | ||
AMD EPYC 9354P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9354P | ||
All of | ||
AMD EPYC 9174F Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9174F Firmware | ||
All of | ||
AMD EPYC 9184X Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9184X firmware | ||
All of | ||
AMD EPYC 9274F Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9274F Firmware | ||
All of | ||
AMD EPYC 9374F Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9374F Firmware | ||
All of | ||
AMD EPYC 9384X Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9384X Firmware | ||
All of | ||
AMD EPYC 9474F Firmware | <genoapi_1.0.0.b | |
AMD Epyc 9474F Firmware | ||
All of | ||
AMD EPYC 9454P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9454P | ||
All of | ||
AMD EPYC 9454P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9454P Firmware | ||
All of | ||
AMD EPYC 9534 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9534 Firmware | ||
All of | ||
AMD EPYC 9554P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9554 Firmware | ||
All of | ||
AMD EPYC 9554P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9554P | ||
All of | ||
AMD EPYC 9634 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9634 Firmware | ||
All of | ||
AMD EPYC 9654 Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9654 firmware | ||
All of | ||
AMD EPYC 9654P Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9654P Firmware | ||
All of | ||
AMD EPYC 9684X Firmware | <genoapi_1.0.0.b | |
AMD EPYC 9684X Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-31346 is considered a high-severity vulnerability due to potential sensitive information exposure.
To mitigate CVE-2023-31346, update the affected AMD Epyc firmware to the latest version available that addresses the vulnerability.
CVE-2023-31346 affects local authenticated users of certain AMD Epyc processors running vulnerable firmware versions.
CVE-2023-31346 allows an attacker to access stale data from other guests, potentially leading to information disclosure.
Products impacted by CVE-2023-31346 include various AMD Epyc processor firmware versions, specifically below milanpi_1.0.0.c.