AMD IOMMU VM DoS via Direct Memory Write
CVE-2023-31364 Published on February 26, 2026

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.

NVD

Weakness Type

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2023-31364 has been classified to as a Buffer Overflow vulnerability or weakness.

Affected Versions

AMD EPYC™ 7001 Series Processors:

Version NaplesPI 1.0.0.R is unaffected.

AMD EPYC™ 7002 Series Processors:

Version RomePI 1.0.0.N is unaffected.

AMD EPYC™ 7003 Series Processors:

Version MilanPI 1.0.0.H is unaffected.

AMD EPYC™ 8004 Series Processors:

Version GenoaPI 1.0.0.G is unaffected.

AMD EPYC™ 9004 Series Processors:

Version GenoaPI 1.0.0.G is unaffected.

AMD EPYC™ 9005 Series Processors:

Version TurinPI 1.0.0.7 is unaffected.

AMD EPYC™ Embedded 3000 Series Processors:

Version SnowyOwl_SP4_SP4r2.1.1.0.H is unaffected.

AMD EPYC™ Embedded 7002 Series Processors:

Version EmbRomePI-SP3 1.0.0.F is unaffected.

AMD EPYC™ Embedded 7003 Series Processors:

Version EmbMilanPI-SP3 v9 1.0.0.C is unaffected.

AMD EPYC™ Embedded 8004 Series Processors:

Version EmbGenoaPI-SP5 1.0.0.B is affected.

AMD EPYC™ Embedded 9004 Series Processor:

Version EmbGenoaPI-SP5 1.0.0.B is affected.

AMD EPYC™ Embedded 9005 Series Processors:

Version EmbTurinPI-SP5 1.0.0.1 is unaffected.

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 3000 Series Desktop Processors:

Version No Fix Planned is affected.

AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 7000 Series Desktop Processors:

Version No Fix Planned is affected.

AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics:

Version No Fix Planned is affected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded 5000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded 7000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded 8000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded R1000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded R2000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded V1000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded V2000 Series Processors:

Version No Fix Planned is affected.

AMD Ryzen™ Embedded V3000 Series Processors:

Version No Fix Planned is affected.

Exploit Probability

EPSS

0.05%

Percentile

16.99%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

AMD IOMMU VM DoS via Direct Memory WriteCVE-2023-31364 Published on February 26, 2026

Weakness Type

What is a Buffer Overflow Vulnerability?

Affected Versions

Exploit Probability

AMD IOMMU VM DoS via Direct Memory Write
CVE-2023-31364 Published on February 26, 2026