Skip to main content
AMD Security Bulletin AMD-SB-3005

Vulnerability Disclosure:

Supermicro is aware of the AMD INVD Instruction security vulnerability. This issue affects 1st Gen AMD EPYC™ Processors (SEV and SEV-ES), 2nd Gen AMD EPYC™ Processors (SEV and SEV-ES), and 3rd Gen AMD EPYC™ Processors (SEV, SEV-ES, SEV-SNP).

CVE:

  • CVE-2023-20592
  • Severity: Medium

Affected products:

Supermicro BIOS in the H11 and H12 motherboards

Remediation:

Supermicro is currently working on updating BIOS to mitigate this issue. This page will be updated as additional information becomes available.

Note (per AMD): No mitigation is available for the first or second generations of EPYC™ processors (“Zen 1”, formerly codenamed “Naples”, “Zen 2”, formerly codenamed “Rome”) since the SEV and SEV-ES features are not designed to protect guest VM memory integrity and the SEV-SNP is not available.