Lucene search

K
amdAmd.comAMD-SB-3011
HistoryAug 05, 2024 - 12:00 a.m.

Guest Memory Vulnerabilities

2024-08-0500:00:00
amd.com
www.amd.com
1
amd
memory vulnerabilities
confidentiality
integrity
secure nested paging
hypervisor

CVSS3

7.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

AI Score

6.9

Confidence

Low

EPSS

0

Percentile

9.4%

AMD ID: AMD-SB-3011 **Potential Impact:**Confidentiality and Integrity Severity: High

Summary

A researcher has reported to AMD three potential vulnerabilities in Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP). The reports detail ways that a malicious hypervisor controlled by the host system, could read or corrupt the memory of a guest VM.

CVSS3

7.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

AI Score

6.9

Confidence

Low

EPSS

0

Percentile

9.4%