Описание
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| amd64-microcode | fixed | 3.20240820.1 | package | |
| amd64-microcode | fixed | 3.20240820.1~deb12u1 | bookworm | package |
| amd64-microcode | fixed | 3.20240820.1~deb11u1 | bullseye | package |
Примечания
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html
https://lore.kernel.org/all/20240820182655.42311-1-john.allen@amd.com/
EPSS
Связанные уязвимости
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
Уязвимость микрокода процессоров AMD64 Microcode, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
EPSS