Amd: >> Epyc 9554 Firmware >> genoapi_1.0.0.8 Security Vulnerabilities
IOMMU improperly handles certain special address
ranges with invalid device table entries (DTEs), which may allow an attacker
with privileges and a compromised Hypervisor to
induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a
loss of guest integrity.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-08-13
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
CVSS Score
6.0
EPSS Score
0.015
Published
2024-08-05
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
CVSS Score
7.9
EPSS Score
0.009
Published
2024-08-05
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
CVSS Score
6.0
EPSS Score
0.009
Published
2024-08-05
Failure to initialize
memory in SEV Firmware may allow a privileged attacker to access stale data
from other guests.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-02-13
Due to a code bug in
Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a
guest to observe an incorrect TSC when Secure TSC is enabled potentially
resulting in a loss of guest integrity. Â
CVSS Score
4.9
EPSS Score
0.0
Published
2024-02-13
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08