21 matches found
Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8074-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8074-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...
USN-8074-2 linux-azure-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...
USN-8031-3 linux-gcp, linux-gke vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...
USN-8031-1: Linux kernel (GCP) vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...
USN-8028-2 linux-realtime-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-8028-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8028-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...
CVE-2025-0029
Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity...
CVE-2025-29948
Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...
Oracle Linux 9 : edk2 (ELSA-2025-28047)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28047 advisory. - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access Orabug: 38381983 CVE-2025-377...
USN-7879-4 linux-gcp-6.14, linux-raspi vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...
Oracle Linux 8 : edk2 (ELSA-2025-20669)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20669 advisory. - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause Protection Mechanism Failure by local access Orabug: 38381983 CVE-2025-3770 ...
USN-7879-3 linux-aws-6.14, linux-oracle-6.14 vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...
Ubuntu 24.04 LTS / 25.04 : Linux kernel vulnerabilities (USN-7879-1)
The remote Ubuntu 24.04 LTS / 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7879-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest...
USN-7880-1 linux-oem-6.14 vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...
USN-7879-1 linux, linux-aws, linux-gcp, linux-hwe-6.14, linux-oracle, linux-realtime vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...
CVE-2022-23813
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment...
Design/Logic Flaw
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment...
CVE-2022-23813
CVE-2022-23813 involves AMD ASP/SMU where the interface between ASP and SMU may fail to enforce SNP memory security policy, risking loss of integrity of SNP-protected guest memory in confidential Compute (AMD EPYC). Affected: ASP/SMU components across generations; Root cause: inadequate enforceme...
CVE-2022-23813
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment...
CVE-2021-26409
CVE-2021-26409 affects AMD SEV-ES, where insufficient bounds checking can corrupt the Reverse Map (RMP) memory, potentially compromising SNP memory integrity. Public references identify AMD SEV-ES-related memory integrity risk; mitigation guidance is distributed via AMD’s PSU/AGS updates (AMD-SB-...