Updated: 2024-10-02 03:21:57.947272
Description:
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | NONE | 0 |
CVSS Version 3.x | MEDIUM | 5.3 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | linux-firmware | 20230310 | 5.3 | MEDIUM | In Progress | 2024-10-10 10:44:52 | |
CentOS 6 ELS | linux-firmware | 20171128-56 | 5.3 | MEDIUM | Ignored | 2024-10-02 10:52:40 | |
CentOS 7 ELS | linux-firmware | 20200421-80 | 5.3 | MEDIUM | Ignored | 2024-10-02 10:52:41 | |
CentOS 8.4 ELS | linux-firmware | 20201218-102 | 5.3 | MEDIUM | In Progress | 2024-10-10 10:44:52 | |
CentOS 8.5 ELS | linux-firmware | 20210702-103 | 5.3 | MEDIUM | In Progress | 2024-10-10 10:44:53 | |
CentOS Stream 8 ELS | linux-firmware | 20240111 | 5.3 | MEDIUM | In Progress | 2024-10-10 10:44:52 | |
CloudLinux 6 ELS | linux-firmware | 20171128-56 | 5.3 | MEDIUM | Ignored | 2024-10-02 10:52:40 | |
CloudLinux 7 ELS | linux-firmware | 20200421 | 5.3 | MEDIUM | Ignored | 2024-10-02 10:52:40 | |
Oracle Linux 6 ELS | linux-firmware | 20171128-56 | 5.3 | MEDIUM | Ignored | 2024-10-02 10:52:40 | |
Ubuntu 16.04 ELS | linux-firmware | 1.157.23 | 5.3 | MEDIUM | Ignored | 2024-10-02 10:52:40 |