Amd: >> Epyc 75f3 Firmware >> milanpi_1.0.0.b Security Vulnerabilities
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
CVSS Score
6.0
EPSS Score
0.015
Published
2024-08-05
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
CVSS Score
7.9
EPSS Score
0.009
Published
2024-08-05
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
CVSS Score
6.0
EPSS Score
0.009
Published
2024-08-05
Failure to initialize
memory in SEV Firmware may allow a privileged attacker to access stale data
from other guests.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-02-13
Due to a code bug in
Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a
guest to observe an incorrect TSC when Secure TSC is enabled potentially
resulting in a loss of guest integrity. Â
CVSS Score
4.9
EPSS Score
0.0
Published
2024-02-13
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-11-14
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08