PT-2025-6395 · Amd · Sev-Snp

Name of the Vulnerable Software and Affected Versions: SEV-SNP affected versions not specified Description: The issue is related to the improper handling of invalid nested page table entries in the IOMMU, which may allow a privileged attacker to induce page table entry PTE faults. This could...

ROS-20240902-02

A vulnerability in the implementation of the INVD processor instruction for virtual machines running on servers with AMD processors is associated with loss or omission of information. AMD processors is associated with information loss or skipping. Exploitation of the vulnerability could allow An...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

RHEL 8 : linux-firmware (RHSA-2024:3178)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3178 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel:...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

CentOS 8 : linux-firmware (CESA-2024:3178)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3178 advisory. - Protection mechanism failure for some IntelR PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege...

RHEL 7 : linux-firmware (RHSA-2024:0753)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0753 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: RCVE-2023-20592 For mo...

AMD Response to “ZENHAMMER: Rowhammer Attacks on AMD Zen-Based Platforms”

AMD ID: AMD-SB-7021 Potential Impact: Memory integrity Severity: N/A Summary On February 26, 2024, AMD received new research related to an industry-wide DRAM issue documented in “ZENHAMMER: Rowhammering Attacks on AMD Zen-based Platforms” from researchers at ETH Zurich. The research demonstrates...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

RHEL 8 : linux-firmware (RHSA-2024:1112)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1112 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel:...

Moderate: Red Hat Security Advisory: linux-firmware security update

An update for linux-firmware is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

RHEL 7 : linux-firmware (RHSA-2024:0978)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0978 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: amd: INVD...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

CentOS 7 : linux-firmware (RHSA-2024:0753)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0753 advisory. - Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back...

Design/Logic Flaw

Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes such as the ones during scrubbing have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the...

CVE-2023-46837 arm32: The cache may not be properly cleaned/invalidated (take two)

Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes such as the ones during scrubbing have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the...

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4665-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4665-1 advisory. Update AMD ucode to 20231030 bsc1215831: - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attack...

SUSE-SU-2023:4665-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: Update AMD ucode to 20231030 bsc1215831: - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. - CVE-2021-46774: Insufficient...