Vulnerability Disclosure:

Supermicro is aware of the Return Address Predictor, a side channel vulnerability, also known as "INCEPTION." This issue affects AMD EPYC™ 3rd Gen and 4th Gen Processors.

CVE:

• CVE-2023-20569
• Severity: Medium

Findings:

A side channel attack known as ‘Inception’ may allow an attacker to influence branch prediction, potentially leading to information disclosure.

Affected products:

Supermicro BIOS in the H12 and select H13 motherboards

Remediation:

• All affected Supermicro motherboard SKUs will require a BIOS update to mitigate this potential vulnerability.
• An updated BIOS firmware had been created to mitigate this potential vulnerability. Supermicro is currently testing and validating affected products. Please check Release Notes for the resolution.

Resources:

• AMD-SN7005
  • CVE-2023-20569