In the AMD SEV/SEV-ES feature, memory in the guest address space can be rearranged in a way that the attestation mechanism does not detect. A malicious hypervisor could use this to potentially achieve arbitrary code execution within the guest VM, provided a malicious administrator has the access needed to compromise the server hypervisor.
[
  {
    "product": "SEV/SEV-ES",
    "vendor": "AMD",
    "versions": [
      {
        "lessThan": "SEV-SNP",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]