CVE-2023-20572

Description

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.

References

• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html