Lucene search
K

120 matches found

Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.5 views

PT-2025-46738

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc7+ Description The Linux kernel contained a flaw related to memory mapping within KVM when running as a Secure Nested Paging SNP or Trusted Execution Technology TDX guest. Specifically, the legacy PCI...

4.6CVSS5.4AI score0.00519EPSS
Exploits4References391
NVD
NVD
added 2025/08/19 5:15 p.m.6 views

CVE-2025-38560

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

5.5CVSS0.00153EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/08/19 5:2 p.m.8 views

CVE-2025-38560 x86/sev: Evict cache lines during SNP memory validation

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

0.00153EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/08/19 5:2 p.m.4 views

CVE-2025-38560

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

5.5CVSS5.5AI score0.00153EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/18 11:27 a.m.6 views

CVE-2025-38506

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

5.5CVSS6.9AI score0.00106EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/18 11:27 a.m.6 views

CVE-2025-38508

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...

5.5CVSS7.1AI score0.00119EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/08/16 10:54 a.m.5 views

CVE-2025-38508

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...

5.5CVSS5.3AI score0.00119EPSS
Exploits0
Cvelist
Cvelist
added 2025/08/16 10:54 a.m.7 views

CVE-2025-38506 KVM: Allow CPU to reschedule while setting per-page memory attributes

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

0.00106EPSS
Exploits0References3
Amd
Amd
added 2025/08/12 12:0 a.m.11 views

AMD Server Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...

7.5CVSS7.5AI score0.00154EPSS
Exploits0
Amd
Amd
added 2025/08/12 12:0 a.m.19 views

SEV Ciphertext Side Channel Attacks

Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/30 12:0 a.m.5 views

PT-2025-33759

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a cache coherency vulnerability within the x86/sev subsystem related to Secure Nested Paging SNP memory validation. The issue requires cache line eviction...

5.5CVSS6.5AI score0.00153EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.7 views

PT-2025-33551

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Secure TSC frequency calculation in SEV-SNP VMs. The GUEST TSC FREQ MSR reports a frequency based on the nominal P0 frequency, which deviate...

8.5CVSS6.2AI score0.07142EPSS
Exploits3References533
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.8 views

PT-2026-7453

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...

4.6CVSS5.5AI score0.00136EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.7 views

PT-2026-7452

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...

4CVSS5.5AI score0.00135EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type

A vulnerability in the Linux kernel affected the x86/mm code, specifically in the pfntokaddr macro. The issue arises when the macro does not correctly handle input as a 64-bit type, causing crashes on 64-bit platforms, especially for SEV-SNP guests, when processing addresses above the 1TB range...

5.5CVSS7.3AI score0.00219EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.5 views

AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞

AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...

1.9CVSS6.3AI score0.00096EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.6 views

AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞

AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...

3.9CVSS6.4AI score0.00181EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.4 views

AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞

AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...

6CVSS5.9AI score0.00174EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.3 views

AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞

AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...

4.4CVSS5.7AI score0.00199EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.6 views

AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞

AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...

5.2CVSS6.7AI score0.00154EPSS
Exploits0References3
Rows per page
Query Builder