In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
References
Link | Resource |
---|---|
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2021-05-13 05:15
Updated : 2021-05-25 07:49
NVD link : CVE-2021-26311
Mitre link : CVE-2021-26311
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
amd
- epyc_73f3
- epyc_7542
- epyc_7351p
- epyc_7401p
- epyc_7343
- epyc_7501
- epyc_7443
- epyc_7402p
- epyc_7642
- epyc_embedded_3255
- epyc_embedded_3151
- epyc_7261
- epyc_7352
- epyc_7551p
- epyc_7402
- epyc_7f52
- epyc_7f72
- epyc_embedded_3251
- epyc_7452
- epyc_7552
- epyc_7532
- epyc_7513
- epyc_7313p
- epyc_7551
- epyc_7742
- epyc_7301
- epyc_72f3
- epyc_7763
- epyc_7713
- epyc_7h12
- epyc_7251
- epyc_74f3
- epyc_7302p
- epyc_7351
- epyc_7502
- epyc_7543
- epyc_7401
- epyc_7663
- epyc_7502p
- epyc_7643
- epyc_embedded_3101
- epyc_7281
- epyc_embedded_3451
- epyc_7601
- epyc_embedded_3351
- epyc_7443p
- epyc_7543p
- epyc_7702p
- epyc_7313
- epyc_embedded_3201
- epyc_7451
- epyc_7453
- epyc_7371
- epyc_7282
- epyc_7702
- epyc_7662
- epyc_7302
- epyc_7713p
- epyc_7252
- epyc_7413
- epyc_7f32
- epyc_7232p
- epyc_7272
- epyc_7262
- epyc_75f3