CVSS: 9.0EPSS: 1%CPEs: 65EXPL: 0CVE-2021-26311 – AMD Secure Encrypted Virtualization
https://notcve.org/view.php?id=CVE-2021-26311
13 May 2021 — In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. En la funcionalidad SEV/SEV-ES de AMD, la memoria puede ser reorganizada en el espacio de direcciones del invitado que no es detectado por el mecanismo de certificación que podría ser util... • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 2%CPEs: 65EXPL: 0CVE-2020-12967 – AMD Secure Encrypted Virtualization
https://notcve.org/view.php?id=CVE-2020-12967
13 May 2021 — The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. La falta de protección de tablas de páginas anidadas en la funcionalidad SEV/SEV-ES de AMD, podría potencialmente conllevar a una ejecución de código arbitraria dentro de la Máquina Virtual invitada si un administrador malicioso tiene acceso para comprometer el hypervisor del servidor • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2019-9836 – AMD Secure Encrypted Virtualization (SEV) Key Recovery
https://notcve.org/view.php?id=CVE-2019-9836
25 Jun 2019 — Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation. Secure Encrypted Virtualization (SEV) en Advanced Micro Devices (AMD) Platform Security Processor (PSP; también conocido como AMD Secure Processor o AMD-SP) 0.17 build 11 y versiones anteriores tiene una implementación criptográfica insegura. AMD Secure Encrypted Virtualization (SEV) is a hardware m... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00032.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •