288 matches found
EUVD-2023-54035
Malicious code in bioql PyPI...
EUVD-2021-33979
Malicious code in bioql PyPI...
New $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections
A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors. "We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during...
SEV-SNP Physical Memory Aliasing
Summary Researchers have reported a method for privileged attackers with physical access to a motherboard to potentially compromise confidentiality and integrity of AMD Secure Encrypted Virtualization – Secure Nesting Paging SEV-SNP guests. AMD does not plan to release any mitigations in response...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
CVE-2024-21977
Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests...
CVE-2024-21977
CVE-2024-21977 describes an AMD SEV-SNP-related issue where incomplete cleanup after loading a CPU microcode patch may degrade RDRAND entropy, potentially impacting integrity for SEV-SNP guests. Connected sources confirm this affects AMD EPYC/SEV-SNP platform components (IOMMU, SEV-SNP) and note ...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
CVE-2025-38508
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
Heracles: Chosen Plaintext Attack on AMD SEV-SNP
A whitepaper discussing an attack on AMD SEV-SNP called Heracles that was able to leak kernel memory, crypto keys, and user passwords, as well as demonstrate web session hijacking...
Linux Distros Unpatched Vulnerability : CVE-2021-4093
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger...
Voltage Fault Injection on SEV Virtual Machines
Summary Researchers shared with AMD a report titled “Voltage Fault Injection on SEV-protected Virtual Machines.” The report noted a Voltage Fault Injection VFI attack targeting AMD EPYC™ 7272 CPUs running Secure Encrypted Virtualization SEV protected virtual machines VMs. Physical attacks such as...
AMD Server Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...
SEV Ciphertext Side Channel Attacks
Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...
Linux Distros Unpatched Vulnerability : CVE-2021-47228
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. In order for this memory to not ...
DEBIAN-CVE-2025-38455
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...
UBUNTU-CVE-2025-38455
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...