CVE-2023-20585
IOMMU RMP Buffer Access Flaw Allows Guest Integrity Breach
Publication date: 2026-04-16
Last updated on: 2026-04-16
Assigner: Advanced Micro Devices Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | epyc_7003 | 1.37.23 |
| amd | epyc_8004 | 1.37.31 |
| amd | epyc_embedded_7003 | 1.0.0.B |
| amd | epyc_embedded_9004 | 1.0.0.A |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-788 | The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves insufficient checks of the RMP (Reverse Map Table) on host buffer access within the IOMMU (Input-Output Memory Management Unit). An attacker who has privileges and has compromised the hypervisor (HV) can exploit this flaw to trigger an out-of-bounds condition without proper RMP checks.
This can lead to a potential loss of confidential guest integrity, meaning that the confidentiality of data within guest virtual machines could be compromised.
How can this vulnerability impact me? :
The impact of this vulnerability is a potential loss of confidential guest integrity. This means that sensitive data within virtual machines could be exposed or corrupted due to out-of-bounds memory access triggered by an attacker with elevated privileges and control over the hypervisor.