CVE-2023-20585
Publication date 16 April 2026
Last updated 26 June 2026
Ubuntu priority
Description
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| amd64-microcode | 26.04 LTS resolute |
Needs evaluation
|
| 25.10 questing |
Needs evaluation
|
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|
|
| 14.04 LTS trusty |
Needs evaluation
|
Notes
rodrigo-zaiden
affects SEV FW, supported in microcode package starting from noble. AMD advisory mentions SEV release in: Milan (fam 19h model 01h): SEV FW 1.37.23 (1.55.35) Genoa (fam 19h model 11h): SEV FW 1.37.31 (1.55.49) Upstream including these versions is found in commit 13786e87: Update AMD SEV firmware to version 1.58 build 1 for AMD family 19h processors with models in the range 00h to 0fh. Update AMD SEV firmware to version 1.58 build 1 for AMD family 19h processors with models in the range 10h to 1fh. Update AMD SEV firmware to version 1.58 build 3 for AMD family 1ah processors with models in the range 00h to 0fh. AMD Security Bulletin mentions and "OS-specific update" which is not clear yet what it is about, so keeping 'needs-triage'.
Severity score breakdown
CVSS version: CVSS v4.0
Base score
5.6 · Medium
Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N