324 matches found
Input validation
Insufficient input validation on the model specific register: VMHSAVEPA may potentially lead to loss of SEV-SNP guest memory integrity...
CVE-2022-23818
Insufficient input validation on the model specific register: VMHSAVEPA may potentially lead to loss of SEV-SNP guest memory integrity...
CVE-2022-23818
Insufficient input validation on the model specific register: VMHSAVEPA may potentially lead to loss of SEV-SNP guest memory integrity...
CVE-2022-23818
CVE-2022-23818 concerns insufficient input validation on the model-specific register VM_HSAVE_PA, potentially compromising SEV-SNP guest memory integrity. Affected stack is AMD SEV-SNP/ASP components; container of issue is documented across NVD and AMD security bulletin AMD-SB-3001. Mitigations: ...
Client Vulnerabilities – May 2023
Bulletin ID: AMD-SB-4001 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, AMD System Management Unit SMU, and other platform components were discovered, and mitigations are being...
PT-2023-12737 · Amd · Amd Sev-Snp
Name of the Vulnerable Software and Affected Versions: AMD SEV-SNP affected versions not specified Description: The issue is related to insufficient input validation on the model-specific register: VM HSAVE PA, which may potentially lead to loss of SEV-SNP guest memory integrity. Recommendations:...
SUSE CVE-2021-26323
Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity...
SUSE CVE-2021-26326
Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...
CVE-2022-23813
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment...
CVE-2022-23814
Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment...
CVE-2022-23813
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment...
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
CVE-2021-26409
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
CVE-2021-26409
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
CVE-2021-26328
Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...
CVE-2021-26328
Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...
Out-of-bounds
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
Design/Logic Flaw
Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...
Input validation
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...