Vulnerability-Lookup

alsa-2023:5068

Vulnerability from osv_almalinux

Published

2023-09-12 00:00

Modified

2023-10-05 13:12

Summary

Moderate: linux-firmware security update

Details

The linux-firmware packages contain all of the firmware files that are required by various devices to operate.

Security Fix(es):

hw: amd: Cross-Process Information Leak (CVE-2023-20593)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2023:5068	ADVISORY
	https://access.redhat.com/security/cve/CVE-2023-20593	REPORT
	https://bugzilla.redhat.com/2217845	REPORT
	https://errata.almalinux.org/9/ALSA-2023-5068.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl100-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "39.31.5.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl1000-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:39.31.5.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl105-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "18.168.6.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl135-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "18.168.6.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl2000-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "18.168.6.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl2030-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "18.168.6.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl3160-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:25.30.13.0-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl5000-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.83.5.1_1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl5150-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.24.2.2-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl6000g2a-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "18.168.6.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl6000g2b-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "18.168.6.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl6050-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "41.28.5.1-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "iwl7260-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:25.30.13.0-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "libertas-sd8787-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20230310-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "linux-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20230310-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "linux-firmware-whence"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20230310-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "netronome-firmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20230310-135.el9_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hw: amd: Cross-Process Information Leak (CVE-2023-20593)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "id": "ALSA-2023:5068",
  "modified": "2023-10-05T13:12:54Z",
  "published": "2023-09-12T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2023:5068"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-20593"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2217845"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2023-5068.html"
    }
  ],
  "related": [
    "CVE-2023-20593"
  ],
  "summary": "Moderate: linux-firmware security update"
}

CVE-2023-20593 (GCVE-0-2023-20593)

Vulnerability from cvelistv5 – Published: 2023-07-24 19:38 – Updated: 2025-02-13 16:39

Summary

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

Severity ?

No CVSS data available.

CWE

CWE-209 - Generation of Error Message Containing Sensitive Information

Assigner

AMD

References

URL

Tags

	https://www.amd.com/en/corporate/product-security…	vendor-advisory
	http://xenbits.xen.org/xsa/advisory-433.html
	http://www.openwall.com/lists/oss-security/2023/07/24/3
	http://seclists.org/fulldisclosure/2023/Jul/43
	http://www.openwall.com/lists/oss-security/2023/07/25/5
	http://www.openwall.com/lists/oss-security/2023/07/25/6
	http://www.openwall.com/lists/oss-security/2023/07/25/1
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/07/26/1
	https://cmpxchg8b.com/zenbleed.html
	https://www.debian.org/security/2023/dsa-5459
	https://lists.debian.org/debian-lts-announce/2023…
	https://www.debian.org/security/2023/dsa-5462
	https://www.debian.org/security/2023/dsa-5461
	https://lists.debian.org/debian-lts-announce/2023…
	http://www.openwall.com/lists/oss-security/2023/07/31/2
	https://lists.debian.org/debian-lts-announce/2023…
	https://lists.fedoraproject.org/archives/list/pac…
	http://www.openwall.com/lists/oss-security/2023/08/08/7
	http://www.openwall.com/lists/oss-security/2023/08/08/8
	http://www.openwall.com/lists/oss-security/2023/08/08/6
	http://www.openwall.com/lists/oss-security/2023/08/16/4
	http://www.openwall.com/lists/oss-security/2023/08/16/5
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	http://www.openwall.com/lists/oss-security/2023/09/22/9
	http://www.openwall.com/lists/oss-security/2023/0…
	http://www.openwall.com/lists/oss-security/2023/09/25/4
	http://www.openwall.com/lists/oss-security/2023/09/25/7
	https://security.netapp.com/advisory/ntap-2024053…

Impacted products

Vendor

Product

Version

AMD

Ryzen™ 3000 Series Desktop Processors “Matisse” AM4

Affected: various

AMD	AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4	Affected: various
AMD	3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT	Affected: various
AMD	Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3	Affected: various
AMD	Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Lucienne”	Affected: various
AMD	Ryzen™ 4000 Series Mobile processors with Radeon™ Graphics “Renoir”	Affected: various
AMD	Ryzen™ 7020 Series processors “Mendocino” FT6	Affected: various
AMD	2nd Gen AMD EPYC™ Processors	Affected: various

Date Public ?

2023-07-24 19:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:45.858Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-433.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/24/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Jul/43"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/16"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/25/15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/26/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cmpxchg8b.com/zenbleed.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5459"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5462"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5461"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/31/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/08/08/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/08/08/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/08/08/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/08/16/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/08/16/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/22/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/22/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240531-0004/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20593",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T16:07:50.725588Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-209",
                "description": "CWE-209 Generation of Error Message Containing Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T16:08:15.479Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 3000 Series Desktop Processors \u201cMatisse\u201d AM4",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics \u201cRenoir\u201d AM4",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "3rd Gen AMD Ryzen\u2122 Threadripper\u2122 Processors \u201cCastle Peak\u201d HEDT",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 Threadripper\u2122 PRO Processors \u201cCastle Peak\u201d WS SP3",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 5000 Series Mobile processors with Radeon\u2122 Graphics \u201cLucienne\u201d",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 4000 Series Mobile processors with Radeon\u2122 Graphics \u201cRenoir\u201d",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "AGESA",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 7020 Series processors \u201cMendocino\u201d FT6",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "\u00b5code / AGESA\u2122 firmware",
          "platforms": [
            "x86"
          ],
          "product": "2nd Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        }
      ],
      "datePublic": "2023-07-24T19:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(248, 249, 250);\"\u003eAn issue in \u201cZen 2\u201d CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\u003c/span\u003e\n\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-10T17:12:11.483Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008"
        },
        {
          "url": "http://xenbits.xen.org/xsa/advisory-433.html"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/24/3"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Jul/43"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/5"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/6"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/1"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/13"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/17"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/12"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/16"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/14"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/25/15"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/26/1"
        },
        {
          "url": "https://cmpxchg8b.com/zenbleed.html"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5459"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5462"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5461"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/31/2"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/08/08/7"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/08/08/8"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/08/08/6"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/08/16/4"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/08/16/5"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/22/9"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/22/11"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240531-0004/"
        }
      ],
      "source": {
        "advisory": "AMD-SB-7008",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20593",
    "datePublished": "2023-07-24T19:38:43.385Z",
    "dateReserved": "2022-10-27T18:53:39.762Z",
    "dateUpdated": "2025-02-13T16:39:49.154Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted