Описание
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
Меры по смягчению последствий
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | linux-firmware | Not affected | ||
| Red Hat Enterprise Linux 6 | linux-firmware | Not affected | ||
| Red Hat Enterprise Linux 7 | linux-firmware | Not affected | ||
| Red Hat Enterprise Linux 8 | linux-firmware | Fixed | RHSA-2024:7481 | 02.10.2024 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | linux-firmware | Fixed | RHSA-2024:7418 | 01.10.2024 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | linux-firmware | Fixed | RHSA-2024:7418 | 01.10.2024 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | linux-firmware | Fixed | RHSA-2024:7418 | 01.10.2024 |
| Red Hat Enterprise Linux 9 | linux-firmware | Fixed | RHSA-2024:7484 | 02.10.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | linux-firmware | Fixed | RHSA-2024:7483 | 02.10.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
IOMMU improperly handles certain special address ranges with invalid d ...
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
Уязвимость микрокода процессоров AMD64 Microcode, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
5.3 Medium
CVSS3