IOMMU improperly handles certain special address
ranges with invalid device table entries (DTEs), which may allow an attacker
with privileges and a compromised Hypervisor to
induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a
loss of guest integrity.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Dec 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Amd
Amd epyc 7203 Amd epyc 7203 Firmware Amd epyc 7203p Amd epyc 7203p Firmware Amd epyc 72f3 Amd epyc 72f3 Firmware Amd epyc 7303 Amd epyc 7303 Firmware Amd epyc 7303p Amd epyc 7303p Firmware Amd epyc 7313 Amd epyc 7313 Firmware Amd epyc 7313p Amd epyc 7313p Firmware Amd epyc 7343 Amd epyc 7343 Firmware Amd epyc 7373x Amd epyc 7373x Firmware Amd epyc 73f3 Amd epyc 73f3 Firmware Amd epyc 7413 Amd epyc 7413 Firmware Amd epyc 7443 Amd epyc 7443 Firmware Amd epyc 7443p Amd epyc 7443p Firmware Amd epyc 7453 Amd epyc 7453 Firmware Amd epyc 7473x Amd epyc 7473x Firmware Amd epyc 74f3 Amd epyc 74f3 Firmware Amd epyc 7513 Amd epyc 7513 Firmware Amd epyc 7543 Amd epyc 7543 Firmware Amd epyc 7543p Amd epyc 7543p Firmware Amd epyc 7573x Amd epyc 7573x Firmware Amd epyc 75f3 Amd epyc 75f3 Firmware Amd epyc 7643 Amd epyc 7643 Firmware Amd epyc 7643p Amd epyc 7643p Firmware Amd epyc 7663 Amd epyc 7663 Firmware Amd epyc 7663p Amd epyc 7663p Firmware Amd epyc 7713 Amd epyc 7713 Firmware Amd epyc 7713p Amd epyc 7713p Firmware Amd epyc 7763 Amd epyc 7763 Firmware Amd epyc 7773x Amd epyc 7773x Firmware Amd epyc 8024p Amd epyc 8024p Firmware Amd epyc 8024pn Amd epyc 8024pn Firmware Amd epyc 8124p Amd epyc 8124p Firmware Amd epyc 8124pn Amd epyc 8124pn Firmware Amd epyc 8224p Amd epyc 8224p Firmware Amd epyc 8224pn Amd epyc 8224pn Firmware Amd epyc 8324p Amd epyc 8324p Firmware Amd epyc 8324pn Amd epyc 8324pn Firmware Amd epyc 8434p Amd epyc 8434p Firmware Amd epyc 8434pn Amd epyc 8434pn Firmware Amd epyc 8534p Amd epyc 8534p Firmware Amd epyc 8534pn Amd epyc 8534pn Firmware Amd epyc 9124 Amd epyc 9124 Firmware Amd epyc 9174f Amd epyc 9174f Firmware Amd epyc 9184x Amd epyc 9184x Firmware Amd epyc 9224 Amd epyc 9224 Firmware Amd epyc 9254 Amd epyc 9254 Firmware Amd epyc 9274f Amd epyc 9274f Firmware Amd epyc 9334 Amd epyc 9334 Firmware Amd epyc 9354 Amd epyc 9354 Firmware Amd epyc 9354p Amd epyc 9354p Firmware Amd epyc 9374f Amd epyc 9374f Firmware Amd epyc 9384x Amd epyc 9384x Firmware Amd epyc 9454 Amd epyc 9454 Firmware Amd epyc 9454p Amd epyc 9454p Firmware Amd epyc 9474f Amd epyc 9474f Firmware Amd epyc 9534 Amd epyc 9534 Firmware Amd epyc 9554 Amd epyc 9554 Firmware Amd epyc 9554p Amd epyc 9554p Firmware Amd epyc 9634 Amd epyc 9634 Firmware Amd epyc 9654 Amd epyc 9654 Firmware Amd epyc 9654p Amd epyc 9654p Firmware Amd epyc 9684x Amd epyc 9684x Firmware Amd epyc 9734 Amd epyc 9734 Firmware Amd epyc 9754 Amd epyc 9754 Firmware Amd epyc 9754s Amd epyc 9754s Firmware |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:h:amd:epyc_7203:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7203p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7303:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7303p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7643p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7663p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8024p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8024pn:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8124p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8124pn:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8224p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8224pn:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8324p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8324pn:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8434p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8434pn:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8534p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_8534pn:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9124:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9174f:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9184x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9224:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9254:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9274f:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9334:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9354:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9354p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9374f:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9384x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9454:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9454p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9474f:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9534:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9554:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9554p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9634:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9654:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9654p:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9684x:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9734:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9754:-:*:*:*:*:*:*:* cpe:2.3:h:amd:epyc_9754s:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7203_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7203p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7303_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7303p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7643p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7663p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8024p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8024pn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8124p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8124pn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8224p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8224pn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8324p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8324pn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8434p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8434pn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8534p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8534pn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9124_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9174f_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9184x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9224_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9254_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9274f_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9334_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9354_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9354p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9374f_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9384x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9454_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9454p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9474f_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9534_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9554_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9554p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9634_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9654_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9654p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9684x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9734_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9754s_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Amd
Amd epyc 7203 Amd epyc 7203 Firmware Amd epyc 7203p Amd epyc 7203p Firmware Amd epyc 72f3 Amd epyc 72f3 Firmware Amd epyc 7303 Amd epyc 7303 Firmware Amd epyc 7303p Amd epyc 7303p Firmware Amd epyc 7313 Amd epyc 7313 Firmware Amd epyc 7313p Amd epyc 7313p Firmware Amd epyc 7343 Amd epyc 7343 Firmware Amd epyc 7373x Amd epyc 7373x Firmware Amd epyc 73f3 Amd epyc 73f3 Firmware Amd epyc 7413 Amd epyc 7413 Firmware Amd epyc 7443 Amd epyc 7443 Firmware Amd epyc 7443p Amd epyc 7443p Firmware Amd epyc 7453 Amd epyc 7453 Firmware Amd epyc 7473x Amd epyc 7473x Firmware Amd epyc 74f3 Amd epyc 74f3 Firmware Amd epyc 7513 Amd epyc 7513 Firmware Amd epyc 7543 Amd epyc 7543 Firmware Amd epyc 7543p Amd epyc 7543p Firmware Amd epyc 7573x Amd epyc 7573x Firmware Amd epyc 75f3 Amd epyc 75f3 Firmware Amd epyc 7643 Amd epyc 7643 Firmware Amd epyc 7643p Amd epyc 7643p Firmware Amd epyc 7663 Amd epyc 7663 Firmware Amd epyc 7663p Amd epyc 7663p Firmware Amd epyc 7713 Amd epyc 7713 Firmware Amd epyc 7713p Amd epyc 7713p Firmware Amd epyc 7763 Amd epyc 7763 Firmware Amd epyc 7773x Amd epyc 7773x Firmware Amd epyc 8024p Amd epyc 8024p Firmware Amd epyc 8024pn Amd epyc 8024pn Firmware Amd epyc 8124p Amd epyc 8124p Firmware Amd epyc 8124pn Amd epyc 8124pn Firmware Amd epyc 8224p Amd epyc 8224p Firmware Amd epyc 8224pn Amd epyc 8224pn Firmware Amd epyc 8324p Amd epyc 8324p Firmware Amd epyc 8324pn Amd epyc 8324pn Firmware Amd epyc 8434p Amd epyc 8434p Firmware Amd epyc 8434pn Amd epyc 8434pn Firmware Amd epyc 8534p Amd epyc 8534p Firmware Amd epyc 8534pn Amd epyc 8534pn Firmware Amd epyc 9124 Amd epyc 9124 Firmware Amd epyc 9174f Amd epyc 9174f Firmware Amd epyc 9184x Amd epyc 9184x Firmware Amd epyc 9224 Amd epyc 9224 Firmware Amd epyc 9254 Amd epyc 9254 Firmware Amd epyc 9274f Amd epyc 9274f Firmware Amd epyc 9334 Amd epyc 9334 Firmware Amd epyc 9354 Amd epyc 9354 Firmware Amd epyc 9354p Amd epyc 9354p Firmware Amd epyc 9374f Amd epyc 9374f Firmware Amd epyc 9384x Amd epyc 9384x Firmware Amd epyc 9454 Amd epyc 9454 Firmware Amd epyc 9454p Amd epyc 9454p Firmware Amd epyc 9474f Amd epyc 9474f Firmware Amd epyc 9534 Amd epyc 9534 Firmware Amd epyc 9554 Amd epyc 9554 Firmware Amd epyc 9554p Amd epyc 9554p Firmware Amd epyc 9634 Amd epyc 9634 Firmware Amd epyc 9654 Amd epyc 9654 Firmware Amd epyc 9654p Amd epyc 9654p Firmware Amd epyc 9684x Amd epyc 9684x Firmware Amd epyc 9734 Amd epyc 9734 Firmware Amd epyc 9754 Amd epyc 9754 Firmware Amd epyc 9754s Amd epyc 9754s Firmware |
Wed, 02 Oct 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat enterprise Linux
Redhat rhel Eus |
|
CPEs | cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 cpe:/o:redhat:rhel_eus:9.2 |
|
Vendors & Products |
Redhat enterprise Linux
Redhat rhel Eus |
Tue, 01 Oct 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat
Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus |
Fri, 16 Aug 2024 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity | |
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Tue, 13 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 13 Aug 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: AMD
Published: 2024-08-13T16:53:18.373Z
Updated: 2024-11-05T21:40:37.392Z
Reserved: 2022-10-27T18:53:39.759Z
Link: CVE-2023-20584
Vulnrichment
Updated: 2024-08-13T17:32:43.152Z
NVD
Status : Analyzed
Published: 2024-08-13T17:15:19.713
Modified: 2024-12-12T20:29:14.730
Link: CVE-2023-20584
Redhat