5 matches found
HPESBHF04959 rev.1 - Certain HPE SimpliVity AMD Servers Using Certain AMD EPYC Processors, AMD-SB-3020: SEV-SNP RMP Initialization Vulnerability, Local Unauthorized Access Vulnerability
Potential Security Impact: Local: Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen11 - Prior to SimpliVity Gen11 Support Pack SVTSP 20260417 HPE SimpliVity 325 Gen10 Plus - Prior to SimpliVity Gen10 Support Pack SVTSP 20260417 CVSS Scores:...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
RMPocalypse: How a Catch-22 Breaks AMD SEV-SNP
This paper presents RMPocalypse, a novel attack that shows a critical gap in the security of RMP initialization, wherein the x86 cores maliciously control parts of the initial RMP state. The analysis shows that the vulnerability arises due to the complex, but insufficient, interplay of multiple...