120 matches found
CVE-2025-48517
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-48517
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-48514
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...
UBUNTU-CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-48514
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-29939
CVE-2025-29939 concerns AMD SEV with SNP, where improper access control during SNP initialization could let a privileged attacker write to the reverse map page (RMP), risking loss of guest memory confidentiality and integrity. Affected: AMD Secure Encrypted Virtualization (SEV) in AMD EPYC platfo...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-29948
CVE-2025-29948 affects AMD Secure Encrypted Virtualization (SEV) firmware. The issue is improper access control that could allow a malicious hypervisor to bypass RMP protections, potentially compromising SEV-SNP guest memory integrity. Affected software is SEV firmware; the root cause is access-c...
PT-2026-7446
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – February 2026
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality ...
StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine
In this paper, the authors present StackWarp, a software-based architectural attack exploiting the stack engine on AMD Zen CPUs to modify the stack pointer within an SEV-SNP guest, fully breaking integrity...
UBUNTU-CVE-2025-29943
Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...
CVE-2025-29943
CVE-2025-29943 : AMD CPUs (Zen 1–Zen 5; EPYC) contain a hardware/microarchitectural issue where an admin-privileged host can manipulate the CPU pipeline configuration, potentially corrupting the stack pointer inside a SEV-SNP guest. A PoC titled “StackWarp” demonstrates exploitation by a hypervis...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Forces the legacy PCI hole to be mapped as UC when overriding MTRRs for TDX/SNP. When running as an SNP or TDX guest under KVM, the legacy PCI hole—that is, the memory between Top of Lower Usable DRAM and 4 GiB—is forced...
UBUNTU-CVE-2025-29934
A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity...
Linux Distros Unpatched Vulnerability : CVE-2025-40181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory...