PT-2023-1405 · Amd · Amd Secure Encrypted Virtualization (Sev) Firmware

Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization SEV firmware affected versions not specified Description: The issue is related to insufficient input validation in the SEV firmware, which may allow an attacker to perform out-of-bounds memory reads within...

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

AZL-10759 CVE-2022-0171 affecting package kernel for versions less than 5.15.70.1-1

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

DEBIAN-CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

Design/Logic Flaw

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

UBUNTU-CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

CVE-2022-0171

CVE-2022-0171 affects the Linux kernel KVM SEV API and allows a non-root host-user application to crash the host kernel by creating a confidential guest VM on AMD SEV-capable CPUs. The issue is local in scope (AV:L, AC:L, PR:L) with a CVSSv3 base score of 5.5 (I:A/H). A fix is available in the Li...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the KVM SEV API that allows a non-root host user-level application to crash the host kernel by creating an...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

AMD CPUs 加密问题漏洞

AMD CPUs are a family of CPUs from AMD in the United States. A security vulnerability exists in AMD CPUs. An attacker could exploit this vulnerability to infer the data values used by the SEV guest on an AMD CPU by monitoring the ciphertext values...

CVE-2021-46744

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

AMD Client Vulnerabilities – May 2022

Bulletin ID: AMD-SB-1027 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...

AMD SEV-legacy 安全漏洞

AMD Secure Encrypted Virtualization is a software application from AMD USA. Hardware-accelerated memory encryption to protect data in use. A security vulnerability exists in the AMD SEV-legacy firmware. An attacker could exploit the vulnerability to cause a loss of integrity or confidentiality of...

AMD Server Vulnerabilities - May 2022

Bulletin ID: AMD-SB-1028 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...