Lucene search
K

87 matches found

OSV
OSV
added 2024/05/17 10:15 p.m.2 views

UBUNTU-CVE-2024-25742

In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 VC at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES...

6.5CVSS6.5AI score0.0018EPSS
Exploits0References15
OSV
OSV
added 2024/05/15 6:15 p.m.3 views

DEBIAN-CVE-2024-25743

In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES...

7.1CVSS6.2AI score0.00247EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/05/01 12:42 a.m.5 views

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

7.1CVSS6.7AI score0.00247EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.4 views

kernel: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration

A flaw was found in the Linux kernel's KVM SVM implementation for AMD SEV-ES. During intrahost VM migration, KVM incorrectly retrieves source vCPUs from the destination VM instead of the source VM. This causes the VMSA Virtual Machine Save Area pointer to remain NULL, leading to a host kernel cra...

5.8AI score0.00166EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/20 12:31 p.m.5 views

kernel: SEV-ES local priv escalation

A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their...

7CVSS7AI score0.00693EPSS
Exploits0References9
OSV
OSV
added 2024/02/13 8:15 p.m.3 views

UBUNTU-CVE-2023-31346

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests...

6CVSS6.5AI score0.00309EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.6 views

AMD SEV-SNP Security Vulnerability

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP has a security vulnerability that stems from a code error...

4.9CVSS7.1AI score0.0046EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/25 11:4 a.m.3 views

kernel: SEV-ES local priv escalation

A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their...

7CVSS7AI score0.00693EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/01/25 9:43 a.m.9 views

kernel: SEV-ES local priv escalation

A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their...

7CVSS6.9AI score0.00693EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2023/11/14 3:24 p.m.10 views

kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.7AI score0.00159EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.7AI score0.00159EPSS
Exploits0References4
CVE
CVE
added 2023/09/13 4:11 p.m.557 views

CVE-2023-4155

CVE-2023-4155 describes a vulnerability in the Linux kernel’s KVM AMD SEV implementation. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race that causes the VMGEXIT handler to be invoked recursively. If the handler is called multiple times, this can lead to a ...

5.6CVSS6.2AI score0.00159EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.2 views

kernel: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

5.5CVSS6.4AI score0.00189EPSS
Exploits0References5
OSV
OSV
added 2023/05/09 7:15 p.m.1 views

CVE-2021-26406

Insufficient validation in parsing Owner's Certificate Authority OCA certificates in SEV AMD Secure Encrypted Virtualization and SEV-ES user application can lead to a host crash potentially resulting in denial of service...

7.5CVSS5.8AI score0.00416EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

5.5CVSS6.4AI score0.00189EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.7 views

The vulnerability of the implementation of the AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES) technology in microprogramming-based CPU software arises from copying buffers without checking the size of the input data. This allows attackers to disclose protected information.

The vulnerability of the AMD Secure Encrypted Virtualization-Encrypted State SEV-ES technology implementation in microprogramming-based CPU software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to disclose protected...

7.8CVSS7.1AI score0.00189EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.5 views

SUSE CVE-2021-26323

Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity...

7.8CVSS7.7AI score0.00238EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2021-46744

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

6.2CVSS5.8AI score0.00328EPSS
Exploits0References19
OSV
OSV
added 2023/01/11 8:15 a.m.4 views

CVE-2021-26404

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...

5.5CVSS6AI score
Exploits0References1
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.3 views

AMD Secure Encrypted Virtualization (SEV) 输入验证错误漏洞

AMD Secure Encrypted Virtualization is a software application from UltraMicroelectronics AMD. Hardware-accelerated memory encryption to protect data in use. A security vulnerability exists in AMD Secure Encrypted Virtualization SEV that stems from incorrect input validation and boundary checking,...

5.5CVSS5.7AI score0.00185EPSS
Exploits0References2
Rows per page
Query Builder