Preface: AMD EPYC processors (including the latest 9005 Series) fully incorporate an I/O Memory Management Unit (IOMMU). In AMD’s architecture, this technology is known as AMD-Vi (AMD I/O Virtualization). It is a foundational component of hardware-level security and isolation.
Background: In a virtualized environment, the IOMMU (AMD-Vi) acts as the essential bridge between “physical hardware” and the Guest VM. When you enable hardware passthrough, the IOMMU functions as both a hardware-level “translator” and a “security guard.” The following details how the IOMMU participates in the operation of guest virtual machines:
About Memory Address Mapping (DMA Remapping)
This is the most critical function of the IOMMU.
- The Problem: A Guest VM operates using Guest Physical Addresses (GPA), which are virtualized. However, a physical device (like a NIC or GPU) requires Host Physical Addresses (HPA) to function.
- The Solution: When a driver inside the Guest VM commands a device to perform a Direct Memory Access (DMA), the IOMMU intercepts the request. It uses a translation table (provided by the hypervisor) to instantly map the GPA to the HPA. This allows the Guest VM to interact with hardware at full speed without knowing the host’s actual memory layout.
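As an added illustration of the “translator” and “security guard” roles described above (example code written for this page, not code from the original post or from AMD), here is a simplified Python model of DMA remapping: a device table keyed by PCI BDF selects a protection domain, and the domain’s I/O page table maps GPA pages to HPA pages with read/write bits. The flat dicts, the BDFs and all addresses are constructed simplifications; real AMD-Vi uses a Device Table indexed by DeviceID and multi-level I/O page tables.

```python
# Educational model of AMD-Vi DMA remapping: dicts stand in for the Device Table
# and I/O page tables; all BDFs and addresses below are constructed sample values.
from dataclasses import dataclass, field

PAGE_SHIFT = 12                      # 4 KiB pages
PAGE_MASK = (1 << PAGE_SHIFT) - 1

class IommuFault(Exception): """DMA the tables do not permit (hardware would log an I/O page fault)."""

@dataclass
class Domain:
    domain_id: int                   # one protection domain per guest VM
    pages: dict = field(default_factory=dict)  # GPA pfn -> (HPA pfn, readable, writable)
    def map_page(self, gpa, hpa, read=True, write=True):
        self.pages[gpa >> PAGE_SHIFT] = (hpa >> PAGE_SHIFT, read, write)

class Iommu:
    def __init__(self):
        self.device_table = {}       # PCI BDF -> Domain the device is assigned to
    def attach(self, bdf, domain):
        self.device_table[bdf] = domain
    def translate(self, bdf, gpa, is_write):
        """Translator: return the HPA the DMA really hits. Guard: fault otherwise."""
        domain = self.device_table.get(bdf)
        if domain is None:
            raise IommuFault(f"{bdf}: no device table entry")
        entry = domain.pages.get(gpa >> PAGE_SHIFT)
        if entry is None:
            raise IommuFault(f"{bdf}: GPA {gpa:#x} unmapped in domain {domain.domain_id}")
        hpa_pfn, readable, writable = entry
        if (is_write and not writable) or (not is_write and not readable):
            raise IommuFault(f"{bdf}: permission denied at GPA {gpa:#x}")
        return (hpa_pfn << PAGE_SHIFT) | (gpa & PAGE_MASK)

def faults(iommu, bdf, gpa, is_write):
    try:                             # True if the IOMMU blocks this DMA instead of translating it
        iommu.translate(bdf, gpa, is_write)
    except IommuFault:
        return True
    return False

def build_example():
    iommu = Iommu()                  # two guests, each with one passthrough NIC
    vm_a, vm_b = Domain(1), Domain(2)
    vm_a.map_page(0x1000, 0x1_2000_0000)               # the same GPA in two guests...
    vm_b.map_page(0x1000, 0x2_4000_0000)               # ...resolves to different host pages
    vm_b.map_page(0x2000, 0x2_4001_0000, write=False)  # read-only buffer, e.g. TX descriptors
    iommu.attach("0000:41:00.0", vm_a)
    iommu.attach("0000:c1:00.0", vm_b)
    return iommu
```

The interesting cases are the ones that fault: VM A’s device cannot reach VM B’s pages at all, and VM B’s device cannot write a page the hypervisor mapped read-only, which is exactly the isolation the hypervisor relies on when it hands a device to a guest.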
Vulnerability details: CVE-2023-31364 – Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
The details above and the VFIO code (refer to the attached diagram) show the mechanism that lets a virtual machine access hardware directly through IOMMU mapping; this direct path is what the CVE-2023-31364 attack relies on. The vulnerability is triggered when a guest uses that path to issue malicious, high-volume write requests, causing a flawed IOMMU to raise a fatal Machine Check Error (MCE) and crash the host.
Official announcement: Please refer to the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html