CVE-2023-20585
Received Received - Intake

IOMMU RMP Buffer Access Flaw Allows Guest Integrity Breach

Vulnerability report for CVE-2023-20585, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-16

Last updated on: 2026-04-16

Assigner: Advanced Micro Devices Inc.

Description

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-16
Last Modified
2026-04-16
Generated
2026-07-07
AI Q&A
2026-04-16
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
amd epyc_7003 1.37.23
amd epyc_8004 1.37.31
amd epyc_embedded_7003 1.0.0.B
amd epyc_embedded_9004 1.0.0.A

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-788 The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves insufficient checks of the RMP (Reverse Map Table) on host buffer access within the IOMMU (Input-Output Memory Management Unit). An attacker who has privileges and has compromised the hypervisor (HV) can exploit this flaw to trigger an out-of-bounds condition without proper RMP checks.

This can lead to a potential loss of confidential guest integrity, meaning that the confidentiality of data within guest virtual machines could be compromised.

Impact Analysis

The impact of this vulnerability is a potential loss of confidential guest integrity. This means that sensitive data within virtual machines could be exposed or corrupted due to out-of-bounds memory access triggered by an attacker with elevated privileges and control over the hypervisor.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-20585. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart