Amd

Epyc 7003

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2025-61971

  • EPSS 0.01%
  • Veröffentlicht 13.05.2026 03:02:55
  • Zuletzt bearbeitet 13.05.2026 14:49:11

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.

5.6

CVE-2023-20585

  • EPSS 0.02%
  • Veröffentlicht 16.04.2026 18:42:28
  • Zuletzt bearbeitet 17.04.2026 15:14:05

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.

4.6

CVE-2025-0031

  • EPSS 0.02%
  • Veröffentlicht 10.02.2026 19:14:58
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.

4

CVE-2025-48514

  • EPSS 0.02%
  • Veröffentlicht 10.02.2026 19:14:22
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.

6.9

CVE-2025-29939

  • EPSS 0.02%
  • Veröffentlicht 10.02.2026 19:11:59
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentialit...

6.7

CVE-2025-52536

  • EPSS 0.02%
  • Veröffentlicht 10.02.2026 19:09:04
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.

3.2

CVE-2024-21977

  • EPSS 0.02%
  • Veröffentlicht 05.09.2025 12:58:39
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.

7.5

CVE-2023-31345

  • EPSS 0.03%
  • Veröffentlicht 12.02.2025 00:15:08
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

7.2

CVE-2024-56161

  • EPSS 0.08%
  • Veröffentlicht 03.02.2025 18:15:37
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AM...

4.4

CVE-2023-31356

  • EPSS 0.03%
  • Veröffentlicht 13.08.2024 17:15:21
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.