298 matches found
Release of Technical Report into the AMD Security Processor
Posted by James Forshaw, Google Project Zero Today, members of Project Zero and the Google Cloud security team are releasing a technical report on a security review of AMD Secure Processor ASP. The ASP is an isolated ARM processor in AMD EPYC CPUs that adds a root of trust and controls secure...
AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization is a software application from AMD USA. Hardware-accelerated memory encryption to protect data in use. A security vulnerability exists in AMD Secure Encrypted Virtualization TMR that stems from a failure to verify that the SEV-ES TMR is not in MMIO space,...
PT-2022-6408 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the Linux kernel, specifically in the KVM SEV API, which allows a non-root user-level application to crash the host kernel by creating a confidential guest VM...
CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
DEBIAN-CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
CVE-2021-4093
CVE-2021-4093 : A flaw in the KVM AMD SEV-ES code allows a malicious VM using SEV-ES to trigger out-of-bounds reads/writes in the host kernel via a VMGEXIT with a string I/O instruction (e.g., outs/ins) using exit reason SVM_EXIT_IOIO. This can crash the host or enable a guest-to-host escape. Aff...
CVE-2020-12966
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...
CVE-2020-12966
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...
PT-2022-8415 · Amd · Amd Epyc Processors
Name of the Vulnerable Software and Affected Versions: AMD EPYC Processors affected versions not specified Description: The issue is related to an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secur...
USN-5210-2: Linux kernel regression | Cloud Foundry
Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization SEV enabled...
Ubuntu: Security Advisory (USN-5210-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV) - Lenovo Support US
No description provided...
UBUNTU-CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...
CVE-2021-26320
Insufficient validation of the AMD SEV Signing Key ASK in the SENDSTART command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP...
AMD 多款产品输入验证错误漏洞
AMD Platform Security Processor and others are products of AMD Corporation.AMD Platform Security Processor is a security processor.AMD Secure Encrypted Virtualization is an application software.AMD System Management Unit SMU is a system management unit. An input validation error vulnerability...
AMD 多款产品缓冲区错误漏洞
AMD Platform Security Processor and others are products of AMD Corporation.AMD Platform Security Processor is a security processor.AMD Secure Encrypted Virtualization is an application software.AMD System Management Unit SMU is a system management unit. A buffer error vulnerability exists in...