120 matches found
PT-2025-46738
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc7+ Description The Linux kernel contained a flaw related to memory mapping within KVM when running as a Secure Nested Paging SNP or Trusted Execution Technology TDX guest. Specifically, the legacy PCI...
CVE-2025-38560
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...
CVE-2025-38560 x86/sev: Evict cache lines during SNP memory validation
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...
CVE-2025-38560
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
CVE-2025-38508
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...
CVE-2025-38508
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...
CVE-2025-38506 KVM: Allow CPU to reschedule while setting per-page memory attributes
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
AMD Server Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...
SEV Ciphertext Side Channel Attacks
Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...
PT-2025-33759
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a cache coherency vulnerability within the x86/sev subsystem related to Secure Nested Paging SNP memory validation. The issue requires cache line eviction...
PT-2025-33551
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Secure TSC frequency calculation in SEV-SNP VMs. The GUEST TSC FREQ MSR reports a frequency based on the nominal P0 frequency, which deviate...
PT-2026-7453
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...
PT-2026-7452
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...
kernel: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
A vulnerability in the Linux kernel affected the x86/mm code, specifically in the pfntokaddr macro. The issue arises when the macro does not correctly handle input as a 64-bit type, causing crashes on 64-bit platforms, especially for SEV-SNP guests, when processing addresses above the 1TB range...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...
AMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
AMD Secure Encrypted Virtualization and AMD Secure Processor ASP are both products of Ultraviolet Semiconductor AMD, Inc.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use.AMD Secure Processor is a standalone ARM Coretex-A5...