CVE-2023-20585
Received Received - Intake
IOMMU RMP Buffer Access Flaw Allows Guest Integrity Breach

Publication date: 2026-04-16

Last updated on: 2026-04-16

Assigner: Advanced Micro Devices Inc.

Description
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-16
Last Modified
2026-04-16
Generated
2026-06-16
AI Q&A
2026-04-16
EPSS Evaluated
2026-06-15
NVD
CVE-2023-20585
EUVD
EUVD-2023-24764
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
amd epyc_7003 1.37.23
amd epyc_8004 1.37.31
amd epyc_embedded_7003 1.0.0.B
amd epyc_embedded_9004 1.0.0.A
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-788 The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves insufficient checks of the RMP (Reverse Map Table) on host buffer access within the IOMMU (Input-Output Memory Management Unit). An attacker who has privileges and has compromised the hypervisor (HV) can exploit this flaw to trigger an out-of-bounds condition without proper RMP checks.

This can lead to a potential loss of confidential guest integrity, meaning that the confidentiality of data within guest virtual machines could be compromised.

Impact Analysis

The impact of this vulnerability is a potential loss of confidential guest integrity. This means that sensitive data within virtual machines could be exposed or corrupted due to out-of-bounds memory access triggered by an attacker with elevated privileges and control over the hypervisor.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-20585. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart