GCP-2023-043

Google Cloud Platform Security Advisory

Published: 2023-11-14

Description

DescriptionSeverityNotes

Intel disclosed a CPU vulnerability in select processors. Google has taken steps to mitigate its server fleet, including Google Compute Engine for Google Cloud, and Chrome OS devices to ensure customers are protected.

The vulnerability details:

  • CVE-2023-23583

What should I do?

No customer action is required.

The mitigation provided by Intel for the affected processors has been applied to the Google server fleet, including Google Compute Engine for Google Cloud.

At this time, Google Distributed Cloud Edge requires an update from the OEM. Google will remediate this product once the update has been made available, and this bulletin will be updated accordingly.

Chrome OS devices with the affected processors received the fix automatically as part of releases 119, 118, and 114 (LTS).

What vulnerabilities are being addressed?

CVE-2023-23583. For details, see Intel Security Advisory INTEL-SA-00950.

HighCVE-2023-23583

CLICK FOR MORE INFORMATION