CVE-2023-20593: A use-after-free in AMD Zen2 Processors

Published Jun 27, 2023
ยท
Updated

AMD Ryzen, Gen AMD EPYC Processors could allow a local authenticated attacker to obtain sensitive information, caused by a use-after-free flaw in the vzeroupper instruction. By conducting a cache timing attack using a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive data used by other processes, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core.

Affected Software

288 affected componentsFixes available
debian/amd64-microcode<=3.20191218.1, <=3.20230414.1
3.20230719.13.20230719.1~deb12u13.20230719.1~deb11u1
IBM Security Verify Governance, Identity Manager software component<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager virtual appliance component<=ISVG 10.0.2
XEN Xen=4.15.0
XEN Xen=4.17.0
XEN Xen=4.16.0
XEN Xen=4.14.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
All of the following
AMD Ryzen 3 3100 Firmware
AMD Ryzen 3 3100
All of the following
AMD Ryzen 3 3300x Firmware
AMD Ryzen 3 3300x
All of the following
AMD Ryzen 5 3500 Firmware
AMD Ryzen 5 3500
All of the following
AMD Ryzen 5 3500x Firmware
AMD Ryzen 5 3500x
All of the following
AMD Ryzen 5 3600 Firmware
AMD Ryzen 5 3600
All of the following
AMD Ryzen 5 3600x Firmware
AMD Ryzen 5 3600x
All of the following
AMD Ryzen 5 3600xt Firmware
AMD Ryzen 5 3600xt
All of the following
AMD Ryzen 7 3700x Firmware
AMD Ryzen 7 3700x
All of the following
AMD Ryzen 7 3800x Firmware
AMD Ryzen 7 3800x
All of the following
AMD Ryzen 7 3800xt Firmware
AMD Ryzen 7 3800xt
All of the following
AMD Ryzen 9 3900 Firmware
AMD Ryzen 9 3900
All of the following
AMD Ryzen 9 3900x Firmware
AMD Ryzen 9 3900x
All of the following
AMD Ryzen 9 3900xt Firmware
AMD Ryzen 9 3900xt
All of the following
AMD Ryzen 9 3950x Firmware
AMD Ryzen 9 3950x
All of the following
AMD Ryzen 9 Pro 3900 Firmware
AMD Ryzen 9 Pro 3900
All of the following
AMD Ryzen Threadripper Pro 3995wx Firmware
AMD Ryzen Threadripper Pro 3995wx
All of the following
AMD Ryzen Threadripper Pro 3975wx Firmware
AMD Ryzen Threadripper Pro 3975wx
All of the following
AMD Ryzen Threadripper Pro 3955wx Firmware
AMD Ryzen Threadripper Pro 3955wx
All of the following
AMD Ryzen Threadripper Pro 3945wx Firmware
AMD Ryzen Threadripper Pro 3945wx
All of the following
AMD Ryzen Threadripper 3990x Firmware
AMD Ryzen Threadripper 3990x
All of the following
AMD Ryzen Threadripper 3970x Firmware
AMD Ryzen Threadripper 3970x
All of the following
AMD Ryzen Threadripper 3960x Firmware
AMD Ryzen Threadripper 3960x
All of the following
AMD Ryzen 7 4700g Firmware
AMD Ryzen 7 4700g
All of the following
AMD Ryzen 7 4700ge Firmware
AMD Ryzen 7 4700ge
All of the following
AMD Ryzen 5 4600g Firmware
AMD Ryzen 5 4600g
All of the following
AMD Ryzen 5 4600ge Firmware
AMD Ryzen 5 4600ge
All of the following
AMD Ryzen 3 4300g Firmware
AMD Ryzen 3 4300g
All of the following
AMD Ryzen 3 4300ge Firmware
AMD Ryzen 3 4300ge
All of the following
AMD Ryzen 3 Pro 4450u Firmware
AMD Ryzen 3 Pro 4450u
All of the following
AMD Ryzen 3 Pro 4350ge Firmware
AMD Ryzen 3 Pro 4350ge
All of the following
AMD Ryzen 3 Pro 4350g Firmware
AMD Ryzen 3 Pro 4350g
All of the following
AMD Ryzen 3 Pro 4200g Firmware
AMD Ryzen 3 Pro 4200g
All of the following
AMD Ryzen 5 Pro 4650ge Firmware
AMD Ryzen 5 Pro 4650ge
All of the following
AMD Ryzen 5 Pro 4650g Firmware
AMD Ryzen 5 Pro 4650g
All of the following
AMD Ryzen 5 Pro 4400g Firmware
AMD Ryzen 5 Pro 4400g
All of the following
AMD Ryzen 7 Pro 4750u Firmware
AMD Ryzen 7 Pro 4750u
All of the following
AMD Ryzen 7 Pro 4750ge Firmware
AMD Ryzen 7 Pro 4750ge
All of the following
AMD Ryzen 7 Pro 4750g Firmware
AMD Ryzen 7 Pro 4750g
All of the following
AMD Ryzen 7 5700u Firmware
AMD Ryzen 7 5700u
All of the following
AMD Ryzen 5 5500u Firmware
AMD Ryzen 5 5500u
All of the following
AMD Ryzen 3 5300u Firmware
AMD Ryzen 3 5300u
All of the following
AMD Ryzen 5 7520u Firmware
AMD Ryzen 5 7520u
All of the following
AMD Ryzen 3 7320u Firmware
AMD Ryzen 3 7320u
All of the following
AMD Athlon Gold 7220u Firmware
AMD Athlon Gold 7220u
All of the following
AMD Epyc 7232p Firmware
AMD Epyc 7232p
All of the following
AMD Epyc 7302p Firmware
AMD Epyc 7302p
All of the following
AMD Epyc 7402p Firmware
AMD Epyc 7402p
All of the following
AMD Epyc 7502p Firmware
AMD Epyc 7502p
All of the following
AMD Epyc 7702p Firmware
AMD Epyc 7702p
All of the following
AMD Epyc 7252 Firmware
AMD Epyc 7252
All of the following
AMD Epyc 7262 Firmware
AMD Epyc 7262
All of the following
AMD Epyc 7272 Firmware
AMD Epyc 7272
All of the following
AMD Epyc 7282 Firmware
AMD Epyc 7282
All of the following
AMD Epyc 7302 Firmware
AMD Epyc 7302
All of the following
AMD Epyc 7352 Firmware
AMD Epyc 7352
All of the following
AMD Epyc 7402 Firmware
AMD Epyc 7402
All of the following
AMD Epyc 7452 Firmware
AMD Epyc 7452
All of the following
AMD Epyc 7502 Firmware
AMD Epyc 7502
All of the following
AMD Epyc 7532 Firmware
AMD Epyc 7532
All of the following
AMD Epyc 7542 Firmware
AMD Epyc 7542
All of the following
AMD Epyc 7552 Firmware
AMD Epyc 7552
All of the following
AMD Epyc 7642 Firmware
AMD Epyc 7642
All of the following
AMD Epyc 7662 Firmware
AMD Epyc 7662
All of the following
AMD Epyc 7702 Firmware
AMD Epyc 7702
All of the following
AMD Epyc 7742 Firmware
AMD Epyc 7742
All of the following
AMD Epyc 7h12 Firmware
AMD Epyc 7h12
All of the following
AMD Epyc 7f32 Firmware
AMD Epyc 7f32
All of the following
AMD Epyc 7f52 Firmware
AMD Epyc 7f52
All of the following
AMD Epyc 7f72 Firmware
AMD Epyc 7f72
AMD Ryzen 3 3100 Firmware
AMD Ryzen 3 3100
AMD Ryzen 3 3300x Firmware
AMD Ryzen 3 3300x
AMD Ryzen 5 3500 Firmware
AMD Ryzen 5 3500
AMD Ryzen 5 3500x Firmware
AMD Ryzen 5 3500x
AMD Ryzen 5 3600 Firmware
AMD Ryzen 5 3600
AMD Ryzen 5 3600x Firmware
AMD Ryzen 5 3600x
AMD Ryzen 5 3600xt Firmware
AMD Ryzen 5 3600xt
AMD Ryzen 7 3700x Firmware
AMD Ryzen 7 3700x
AMD Ryzen 7 3800x Firmware
AMD Ryzen 7 3800x
AMD Ryzen 7 3800xt Firmware
AMD Ryzen 7 3800xt
AMD Ryzen 9 3900 Firmware
AMD Ryzen 9 3900
AMD Ryzen 9 3900x Firmware
AMD Ryzen 9 3900x
AMD Ryzen 9 3900xt Firmware
AMD Ryzen 9 3900xt
AMD Ryzen 9 3950x Firmware
AMD Ryzen 9 3950x
AMD Ryzen 9 Pro 3900 Firmware
AMD Ryzen 9 Pro 3900
AMD Ryzen Threadripper Pro 3995wx Firmware
AMD Ryzen Threadripper Pro 3995wx
AMD Ryzen Threadripper Pro 3975wx Firmware
AMD Ryzen Threadripper Pro 3975wx
AMD Ryzen Threadripper Pro 3955wx Firmware
AMD Ryzen Threadripper Pro 3955wx
AMD Ryzen Threadripper Pro 3945wx Firmware
AMD Ryzen Threadripper Pro 3945wx
AMD Ryzen Threadripper 3990x Firmware
AMD Ryzen Threadripper 3990x
AMD Ryzen Threadripper 3970x Firmware
AMD Ryzen Threadripper 3970x
AMD Ryzen Threadripper 3960x Firmware
AMD Ryzen Threadripper 3960x
AMD Ryzen 7 4700g Firmware
AMD Ryzen 7 4700g
AMD Ryzen 7 4700ge Firmware
AMD Ryzen 7 4700ge
AMD Ryzen 5 4600g Firmware
AMD Ryzen 5 4600g
AMD Ryzen 5 4600ge Firmware
AMD Ryzen 5 4600ge
AMD Ryzen 3 4300g Firmware
AMD Ryzen 3 4300g
AMD Ryzen 3 4300ge Firmware
AMD Ryzen 3 4300ge
AMD Ryzen 3 Pro 4450u Firmware
AMD Ryzen 3 Pro 4450u
AMD Ryzen 3 Pro 4350ge Firmware
AMD Ryzen 3 Pro 4350ge
AMD Ryzen 3 Pro 4350g Firmware
AMD Ryzen 3 Pro 4350g
AMD Ryzen 3 Pro 4200g Firmware
AMD Ryzen 3 Pro 4200g
AMD Ryzen 5 Pro 4650ge Firmware
AMD Ryzen 5 Pro 4650ge
AMD Ryzen 5 Pro 4650g Firmware
AMD Ryzen 5 Pro 4650g
AMD Ryzen 5 Pro 4400g Firmware
AMD Ryzen 5 Pro 4400g
AMD Ryzen 7 Pro 4750u Firmware
AMD Ryzen 7 Pro 4750u
AMD Ryzen 7 Pro 4750ge Firmware
AMD Ryzen 7 Pro 4750ge
AMD Ryzen 7 Pro 4750g Firmware
AMD Ryzen 7 Pro 4750g
AMD Ryzen 7 5700u Firmware
AMD Ryzen 7 5700u
AMD Ryzen 5 5500u Firmware
AMD Ryzen 5 5500u
AMD Ryzen 3 5300u Firmware
AMD Ryzen 3 5300u
AMD Ryzen 5 7520u Firmware
AMD Ryzen 5 7520u
AMD Ryzen 3 7320u Firmware
AMD Ryzen 3 7320u
AMD Athlon Gold 7220u Firmware
AMD Athlon Gold 7220u
AMD Epyc 7232p Firmware
AMD Epyc 7232p
AMD Epyc 7302p Firmware
AMD Epyc 7302p
AMD Epyc 7402p Firmware
AMD Epyc 7402p
AMD Epyc 7502p Firmware
AMD Epyc 7502p
AMD Epyc 7702p Firmware
AMD Epyc 7702p
AMD Epyc 7252 Firmware
AMD Epyc 7252
AMD Epyc 7262 Firmware
AMD Epyc 7262
AMD Epyc 7272 Firmware
AMD Epyc 7272
AMD Epyc 7282 Firmware
AMD Epyc 7282
AMD Epyc 7302 Firmware
AMD Epyc 7302
AMD Epyc 7352 Firmware
AMD Epyc 7352
AMD Epyc 7402 Firmware
AMD Epyc 7402
AMD Epyc 7452 Firmware
AMD Epyc 7452
AMD Epyc 7502 Firmware
AMD Epyc 7502
AMD Epyc 7532 Firmware
AMD Epyc 7532
AMD Epyc 7542 Firmware
AMD Epyc 7542
AMD Epyc 7552 Firmware
AMD Epyc 7552
AMD Epyc 7642 Firmware
AMD Epyc 7642
AMD Epyc 7662 Firmware
AMD Epyc 7662
AMD Epyc 7702 Firmware
AMD Epyc 7702
AMD Epyc 7742 Firmware
AMD Epyc 7742
AMD Epyc 7h12 Firmware
AMD Epyc 7h12
AMD Epyc 7f32 Firmware
AMD Epyc 7f32
AMD Epyc 7f52 Firmware
AMD Epyc 7f52
AMD Epyc 7f72 Firmware
AMD Epyc 7f72
debian/amd64-microcode
3.20240820.1~deb11u13.20250311.1~deb11u13.20240820.1~deb12u13.20230719.1~deb12u13.20250311.1
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1

Remediation

Patch Available

http://www.openwall.com/lists/oss-security/2023/07/26/1

Patch Available

http://www.openwall.com/lists/oss-security/2023/07/31/2

Patch Available

http://xenbits.xen.org/xsa/advisory-433.html

Mitigation

Use msr-tools to set a chicken bit on all cores to enable a software workaround - note this will have some performance cost: wrmsr -a 0xc0011029 $(($(rdmsr -c 0xc0011029) | (1<<9)))

Event History

Jun 27, 2023
Data Sourced
via Red Hatยท09:25 AM
DescriptionSeverityAffected Software
Jul 24, 2023
CVE Published
via MITREยท07:38 PM
Data Sourced
via MITREยท07:38 PM
Description
Aug 25, 2023
Data Sourced
12:00 AM
SeverityWeakness
Jan 12, 2024
Data Sourced
via Launchpadยท12:15 AM
Description
Apr 28, 2025
Data Sourced
via Ubuntuยท02:11 PM
RemedyDescriptionSeverityAffected Software
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2023-20593?

CVE-2023-20593 has been classified with a high severity due to its potential for exposing sensitive information.

2

How do I fix CVE-2023-20593?

To mitigate CVE-2023-20593, users should update to the latest firmware and microcode provided by AMD.

3

Which systems are affected by CVE-2023-20593?

CVE-2023-20593 primarily affects AMD Ryzen and EPYC processors, especially those under specific microarchitectural conditions.

4

Can CVE-2023-20593 be exploited remotely?

No, CVE-2023-20593 requires local authenticated access to exploit the vulnerability.

5

What types of information could be affected by CVE-2023-20593?

CVE-2023-20593 could potentially allow an attacker to access sensitive data which may include cryptographic keys or other personal information.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
ยฉ 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203