Lucene search
K

120 matches found

NVD
NVD
added 2026/02/10 8:16 p.m.6 views

CVE-2025-48517

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...

4.6CVSS0.00136EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 8:16 p.m.4 views

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS0.00136EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/10 8:16 p.m.7 views

CVE-2025-48517

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/10 8:16 p.m.4 views

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS5.9AI score0.00136EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/10 8:16 p.m.6 views

CVE-2025-48514

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...

4CVSS5.9AI score0.00135EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 8:16 p.m.3 views

UBUNTU-CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS5.8AI score0.00136EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/10 7:14 p.m.5 views

CVE-2025-48514

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...

4CVSS5.5AI score0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:11 p.m.4 views

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS5.5AI score0.00136EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/10 7:11 p.m.6 views

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS5.5AI score0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 7:11 p.m.8 views

CVE-2025-29939

CVE-2025-29939 concerns AMD SEV with SNP, where improper access control during SNP initialization could let a privileged attacker write to the reverse map page (RMP), risking loss of guest memory confidentiality and integrity. Affected: AMD Secure Encrypted Virtualization (SEV) in AMD EPYC platfo...

6.9CVSS5.5AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:11 p.m.32 views

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 7:7 p.m.12 views

CVE-2025-29948

CVE-2025-29948 affects AMD Secure Encrypted Virtualization (SEV) firmware. The issue is improper access control that could allow a malicious hypervisor to bypass RMP protections, potentially compromising SEV-SNP guest memory integrity. Affected software is SEV firmware; the root cause is access-c...

5.9CVSS5.5AI score0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.10 views

PT-2026-7446

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

6.9CVSS5.5AI score0.00136EPSS
Exploits0References2
Amd
Amd
added 2026/02/10 12:0 a.m.12 views

AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – February 2026

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality ...

8.7CVSS6.4AI score0.00307EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/19 12:0 a.m.17 views

StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine

In this paper, the authors present StackWarp, a software-based architectural attack exploiting the stack engine on AMD Zen CPUs to modify the stack pointer within an SEV-SNP guest, fully breaking integrity...

5.4AI score
Exploits0
OSV
OSV
added 2026/01/16 4:15 p.m.4 views

UBUNTU-CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

4.6CVSS5.8AI score0.00202EPSS
Exploits1References3
CVE
CVE
added 2026/01/16 3:46 p.m.36 views

CVE-2025-29943

CVE-2025-29943 : AMD CPUs (Zen 1–Zen 5; EPYC) contain a hardware/microarchitectural issue where an admin-privileged host can manipulate the CPU pipeline configuration, potentially corrupting the stack pointer inside a SEV-SNP guest. A PoC titled “StackWarp” demonstrates exploitation by a hypervis...

4.6CVSS6.7AI score0.00202EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Forces the legacy PCI hole to be mapped as UC when overriding MTRRs for TDX/SNP. When running as an SNP or TDX guest under KVM, the legacy PCI hole—that is, the memory between Top of Lower Usable DRAM and 4 GiB—is forced...

5.8AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2025/11/21 7:15 p.m.3 views

UBUNTU-CVE-2025-29934

A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity...

5.3CVSS5.8AI score0.00094EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory...

6.1AI score0.00176EPSS
Exploits0References3
Rows per page
Query Builder