CVE-2023-20569

NameCVE-2023-20569
DescriptionA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3525-1, DSA-5475-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
amd64-microcode (PTS)bullseye/non-free3.20240820.1~deb11u1fixed
bullseye/non-free (security)3.20230719.1~deb11u1fixed
bookworm/non-free-firmware3.20240820.1~deb12u1fixed
bookworm/non-free-firmware (security)3.20230719.1~deb12u1fixed
sid/non-free-firmware, trixie/non-free-firmware3.20240820.1fixed
linux (PTS)bullseye5.10.223-1fixed
bullseye (security)5.10.226-1fixed
bookworm6.1.115-1fixed
bookworm (security)6.1.119-1fixed
sid, trixie6.11.10-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
amd64-microcodesourcebuster3.20230719.1~deb10u1
amd64-microcodesourcebullseye3.20230719.1~deb11u1
amd64-microcodesourcebookworm3.20230719.1~deb12u1
amd64-microcodesource(unstable)3.20230719.1
linuxsourcebullseye5.10.179-5DSA-5475-1
linuxsourcebookworm6.1.38-4DSA-5475-1
linuxsource(unstable)6.4.4-3
linux-5.10sourcebuster5.10.179-5~deb10u1DLA-3525-1

Notes

[buster] - linux <ignored> (Mitigation is too invasive to backport)
SRSO microcode for Milan (Zen3 EPYC):
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/amd-ucode?id=b250b32ab1d044953af2dc5e790819a7703b7ee6
3.20230719.1 ships the first batch of fixes, only for 3nd gen EPYC CPUs (Milan),
further update for 4th gen EPYC CPUs to follow in later releases.
Updated microcode for 4th gen EPYC CPUs Genoa (Family=0x19 Model=0x11) and
Bergamo (Family=0x19 Model=0xa0) with (cf: https://bugs.debian.org/1043381):
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=f2eb058afc57348cde66852272d6bf11da1eef8f
3.20230808.1.1 ships this second batch of fixes for 4th gen EPYC CPUs.
https://comsec.ethz.ch/research/microarch/inception/
https://comsec.ethz.ch/wp-content/files/inception_sec23.pdf
https://github.com/comsec-group/inception
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-7005
https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf
https://www.openwall.com/lists/oss-security/2023/08/08/4

Search for package or bug name: Reporting problems