The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment.
References
| Link | Resource |
|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 | Vendor Advisory |
Configurations
History
07 Nov 2023, 03:44
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment. |
20 Jan 2023, 18:40
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Amd romepi
Amd milanpi-sp3 Firmware Amd romepi Firmware Amd milanpi-sp3 Amd |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
| CWE | CWE-119 | |
| CPE | cpe:2.3:o:amd:milanpi-sp3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:romepi_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:amd:milanpi-sp3:-:*:*:*:*:*:*:* cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:* |
|
| References | (MISC) https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 - Vendor Advisory |
11 Jan 2023, 08:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-01-11 08:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-23813
Mitre link : CVE-2022-23813
CVE.ORG link : CVE-2022-23813
JSON object : View
Products Affected
amd
- milanpi-sp3_firmware
- milanpi-sp3
- romepi_firmware
- romepi
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer