VDB
CVE-2023-20585
CVE-2023-20585
PUBLISHED
CVSS 5.599999904632568 MEDIUM
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.
EPSS 0.02% · 5.4th percentile
Risk Scores
CVSS v4.0
5.599999904632568
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.02%
5.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AMD | AMD EPYC™ 7003 Series Processors | SEV FW 1.37.23 |
| AMD | AMD EPYC™ Embedded 9004 Series Processors | EmbGenoaPI-1.0.0.A |
| AMD | AMD EPYC™ 9004 Series Processors | SEV FW 1.37.31 |
| AMD | AMD EPYC™ Embedded 7003 Series Processors | * |
Timeline
- Apr 14, 2026 CVE Published
- Apr 14, 2026 PoC Published
- Apr 14, 2026 PoC Published
- Apr 15, 2026 PoC Published
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
- Apr 17, 2026 Security Advisory
References
- https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3016.html url
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26169 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32224 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26174 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32150 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26162 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27918 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26178 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27913 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32075 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32149 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26154 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32163 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25250 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32068 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32225 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27931 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27909 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32181 advisory
…and 202 more