CVE-2023-20588 | Speculative Leaks

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 

Published: 2023-08-08
Last update: 2024-11-21
Assigner: [email protected]
Source: [email protected]

Conclusion & alert: CVE-2023-20588 is rated Moderate Risk (52.3/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 4.26%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2023-20588

EPSS is updated daily and estimates the relative likelihood of exploitation; the percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
| --- | --- | --- | --- | --- |
| 1 | 2026-06-04 | 5.14% | 4.26% | -0.88% |
| 2 | 2026-06-03 | 6.70% | 5.14% | -1.56% |
| 3 | 2026-05-11 | | 6.70% | |

Full EPSS history (27 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2023-20588

CVSS metrics for this CVE.

| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
| --- | --- | --- | --- | --- | --- | --- |
| 5.5 | 3.1 | MEDIUM | `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N` | 1.8 | 3.6 | [email protected] |

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward, with no weird race conditions or rare setup.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component, with no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:N): Service keeps running; no real outage angle.

Weakness enumeration for CVE-2023-20588

OS Trackers for CVE-2023-20588

| Vendor | Priority | Summary | Link |
| --- | --- | --- | --- |
| alpine | | CVE-2023-20588: 1 source package rows (xen); 7 state rows across 7 repos (3.17-main, 3.18-main, 3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-main); fixed 7, open 0. | https://security.alpinelinux.org/vuln/CVE-2023-20588 |
| debian | end-of-life | CVE-2023-20588 end-of-life priority: Debian including 2 source packages (linux, xen), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 9, open 1. | https://security-tracker.debian.org/tracker/CVE-2023-20588 |
| redhat | low | | https://access.redhat.com/security/cve/CVE-2023-20588 |
| suse | medium | | https://www.suse.com/security/cve/CVE-2023-20588/ |
| ubuntu | high | CVE-2023-20588 high priority: Ubuntu including 167 source packages (linux, linux-allwinner, …), 1873 status rows across 12 suites (bionic, focal, jammy, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): DNE 1428, released 238, not-affected 115, ignored 90, needed 2. | https://ubuntu.com/security/CVE-2023-20588 |

Affected software / configurations for CVE-2023-20588

| Vendor | Product | Version | Raw CPE |
| --- | --- | --- | --- |
| debian | debian_linux | 10.0 | `cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*` |
| debian | debian_linux | 11.0 | `cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*` |
| debian | debian_linux | 12.0 | `cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*` |
| amd | epyc_7351p_firmware | | `cpe:2.3:o:amd:epyc_7351p_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7401p_firmware | | `cpe:2.3:o:amd:epyc_7401p_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7551p_firmware | | `cpe:2.3:o:amd:epyc_7551p_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7251_firmware | | `cpe:2.3:o:amd:epyc_7251_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7261_firmware | | `cpe:2.3:o:amd:epyc_7261_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7281_firmware | | `cpe:2.3:o:amd:epyc_7281_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7301_firmware | | `cpe:2.3:o:amd:epyc_7301_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7351_firmware | | `cpe:2.3:o:amd:epyc_7351_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7371_firmware | | `cpe:2.3:o:amd:epyc_7371_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7401_firmware | | `cpe:2.3:o:amd:epyc_7401_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7451_firmware | | `cpe:2.3:o:amd:epyc_7451_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7501_firmware | | `cpe:2.3:o:amd:epyc_7501_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7551_firmware | | `cpe:2.3:o:amd:epyc_7551_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7571_firmware | | `cpe:2.3:o:amd:epyc_7571_firmware:-:*:*:*:*:*:*:*` |
| amd | epyc_7601_firmware | | `cpe:2.3:o:amd:epyc_7601_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_5_pro_3400g_firmware | | `cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_5_3400g_firmware | | `cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_5_pro_3400ge_firmware | | `cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_5_pro_3350g_firmware | | `cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_5_pro_3350ge_firmware | | `cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_3_pro_3200g_firmware | | `cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_3_3200g_firmware | | `cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_3_3200ge_firmware | | `cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*` |
| amd | ryzen_3_pro_3200ge_firmware | | `cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_pro_300ge_firmware | | `cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_gold_3150ge_firmware | | `cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_gold_pro_3150ge_firmware | | `cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_gold_3150g_firmware | | `cpe:2.3:o:amd:athlon_gold_3150g_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_gold_pro_3150g_firmware | | `cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_silver_3050ge_firmware | | `cpe:2.3:o:amd:athlon_silver_3050ge_firmware:-:*:*:*:*:*:*:*` |
| amd | athlon_silver_pro_3125ge_firmware | | `cpe:2.3:o:amd:athlon_silver_pro_3125ge_firmware:-:*:*:*:*:*:*:*` |
| xen | xen | | `cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*` |
| fedoraproject | fedora | 37 | `cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*` |
| fedoraproject | fedora | 38 | `cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*` |
| fedoraproject | fedora | 39 | `cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*` |
| microsoft | windows_10_1507 | < 10.0.10240.20345 | `cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*` |
| microsoft | windows_10_1607 | < 10.0.14393.6529 | `cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*` |
| microsoft | windows_10_1809 | < 10.0.17763.5206 | `cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*` |
| microsoft | windows_10_21h2 | < 10.0.19044.3803 | `cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*` |
| microsoft | windows_10_22h2 | < 10.0.19045.3803 | `cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*` |
| microsoft | windows_11_21h2 | < 10.0.22000.2652 | `cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*` |
| microsoft | windows_11_22h2 | < 10.0.22621.2861 | `cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*` |
| microsoft | windows_11_23h2 | < 10.0.22631.2861 | `cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*` |
| microsoft | windows_server_2008 | | `cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*` |
| microsoft | windows_server_2008 | r2 | `cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*` |
| microsoft | windows_server_2012 | | `cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*` |
| microsoft | windows_server_2012 | r2 | `cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*` |
| microsoft | windows_server_2016 | < 10.0.14393.6529 | `cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*` |
| microsoft | windows_server_2019 | < 10.0.17763.5206 | `cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*` |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.584 | `cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*` |

References for CVE-2023-20588

| URL | Tags |
| --- | --- |
| http://www.openwall.com/lists/oss-security/2023/09/25/3 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/25/4 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/25/5 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/25/7 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/25/8 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/26/5 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/26/8 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/26/9 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/09/27/1 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/03/12 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/03/13 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/03/14 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/03/15 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/03/16 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/03/9 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/04/1 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/04/2 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/04/3 | Mailing List, Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2023/10/04/4 | Mailing List, Third Party Advisory |
| http://xenbits.xen.org/xsa/advisory-439.html | Third Party Advisory |
| https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html | Mailing List, Third Party Advisory |
| https://lists.fedoraproject.org/archives/list/[email protected]/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/ | Mailing List |
| https://lists.fedoraproject.org/archives/list/[email protected]/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/ | Mailing List |
| https://lists.fedoraproject.org/archives/list/[email protected]/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/ | Mailing List |
| https://security.netapp.com/advisory/ntap-20240531-0005/ | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007 | Vendor Advisory |
| https://www.debian.org/security/2023/dsa-5480 | Third Party Advisory |
| https://www.debian.org/security/2023/dsa-5492 | Third Party Advisory |