Lucene search
K

299 matches found

RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-52959

A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...

7.8CVSS6AI score0.00093EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization SEV...

5.5CVSS6.7AI score0.00288EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Rejects attempts to synchronize VMSA of an already-launched/encrypted vCPU. Synchronize the vCPU state with its associated VMSA if the vCPU has already been launched, that is, if the VMSA has already been encrypted. On ...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Maps EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efimemreserve is use...

6.2CVSS5.8AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in amd64-microcode

Secure Encrypted Virtualization SEV on the Advanced Micro Devices AMD Platform Security Processor PSP; also known as AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation...

5.3CVSS6.3AI score0.01609EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: Allow the CPU to reschedule while setting per-page memory attributes. When running a SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host may experience CPU soft lockups when performing an operation in...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/31 12:0 a.m.23 views

Formal Verification of Secure Encrypted Virtualization

Trusted execution environments TEEs provide a secure environment for data and code in use, ensuring that they are protected with respect to confidentiality and integrity. Virtual machine VM-based TEEs utilize virtualization technology to create isolated execution spaces that can support a complet...

6AI score
Exploits0
Fedora
Fedora
added 2026/05/19 4:20 p.m.15 views

[SECURITY] Fedora 44 Update: rust-sevctl-0.6.2-7.fc44

Administrative utility for AMD SEV...

9.8CVSS5.8AI score0.00412EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:3 a.m.8 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.3AI score0.0013EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/13 3:2 a.m.11 views

EUVD-2025-209811

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...

5.9CVSS5.8AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:2 a.m.8 views

CVE-2025-61971

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...

5.9CVSS5.8AI score0.00116EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.13 views

Insecure Despite Proven Updated: Extracting the Root VCEK Seed on EPYC Milan Via a Software-Only Attack

In the official whitepaper of Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP, AMD explicitly emphasizes the capability to prevent Trusted Computing Base TCB rollback attacks. Cryptographically, this is realized by signing attestation reports with the Versioned Chip Endorsement...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.9 views

PT-2026-40388

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.3AI score0.0013EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:2 a.m.9 views

KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION

...

5.5CVSS5.8AI score0.00125EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/25 1:38 a.m.4 views

SUSE CVE-2026-31593

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Reject synchronizing vCPU state to its associated VMSA if the vCPU has already been launched, i.e. if the VMSA has already been encrypted. On a host wit...

6.1CVSS5.5AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/24 7:2 p.m.6 views

CVE-2026-31590

A flaw was found in the Linux kernel, specifically within the Kernel-based Virtual Machine KVM subsystem's Secure Encrypted Virtualization SEV feature. A local user could exploit this vulnerability by providing an excessively large memory region size when using the KVMMEMORYENCRYPTREGREGION...

5.5CVSS5.7AI score0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31590

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31592

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't stable unless kvm-lock is held or KVM can guarantee KVMSEVINIT2 has...

5.5CVSS0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 2:42 p.m.7 views

EUVD-2026-25486

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Reject synchronizing vCPU state to its associated VMSA if the vCPU has already been launched, i.e. if the VMSA has already been encrypted. On a host wit...

5.4AI score0.00122EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.27 views

CVE-2026-31593 KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Reject synchronizing vCPU state to its associated VMSA if the vCPU has already been launched, i.e. if the VMSA has already been encrypted. On a host wit...

0.00122EPSS
Exploits0References5
Rows per page
Query Builder