287 matches found
kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity
A flaw was found in the way AMD IOMMU handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect method being invoked when starting the SEV virtual machine...
UBUNTU-CVE-2024-43874
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...
SUSE CVE-2023-31356
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...
Multi-vendor BIOS Security Vulnerabilities (August, 2024) - Lenovo Support US
No description provided...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor 和 AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
The vulnerability of the SEV-SNP and SEV-ES mechanisms in Linux operating systems allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the SEV-SNP and SEV-ES mechanisms in Linux operating systems stems from incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the...
hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem
A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
SUSE CVE-2020-12966
AMD EPYCtm Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...
hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem
A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...
hw: amd: Instruction raise #VC exception at exit
A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...
DEBIAN-CVE-2021-47389
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sevdecommission in sevreceivestart DECOMMISSION the current SEV context if binding an ASID fails after RECEIVESTART. Per AMD's SEV API, RECEIVESTART generates a new guest context and thus needs to be paired...