CVE-2023-31364

Description

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

None

Integrity (Vulnerable System)

None

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

High

Affected products

AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD EPYC™ 7001 Series ProcessorsNaplesPI 1.0.0.R – NaplesPI 1.0.0.R
AMD / AMD EPYC™ 7002 Series ProcessorsRomePI 1.0.0.N – RomePI 1.0.0.N
AMD / AMD EPYC™ 7003 Series ProcessorsMilanPI 1.0.0.H – MilanPI 1.0.0.H
AMD / AMD EPYC™ 8004 Series ProcessorsGenoaPI 1.0.0.G – GenoaPI 1.0.0.G
AMD / AMD EPYC™ 9004 Series ProcessorsGenoaPI 1.0.0.G – GenoaPI 1.0.0.G
AMD / AMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.7 – TurinPI 1.0.0.7
AMD / AMD EPYC™ Embedded 3000 Series ProcessorsSnowyOwl_SP4_SP4r2.1.1.0.H – SnowyOwl_SP4_SP4r2.1.1.0.H
AMD / AMD EPYC™ Embedded 7002 Series ProcessorsEmbRomePI-SP3 1.0.0.F – EmbRomePI-SP3 1.0.0.F
AMD / AMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 v9 1.0.0.C – EmbMilanPI-SP3 v9 1.0.0.C
AMD / AMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.B – EmbGenoaPI-SP5 1.0.0.B
AMD / AMD EPYC™ Embedded 9004 Series ProcessorEmbGenoaPI-SP5 1.0.0.B – EmbGenoaPI-SP5 1.0.0.B
AMD / AMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5 1.0.0.1 – EmbTurinPI-SP5 1.0.0.1
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded 5000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded 7000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded 8000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded R1000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded R2000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded V1000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded V2000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Embedded V3000 Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsNo Fix Planned – No Fix Planned
AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsNo Fix Planned – No Fix Planned

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html