Updated: 2024-12-12 23:56:10.186995
Description:
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 6 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 6.0 | MEDIUM | Needs Triage | 2025-04-10 17:14:58 | ||
| AlmaLinux 9.2 ESU | linux-firmware | 20230310 | 6.0 | MEDIUM | Released | CLSA-2025:1740470712 | 2025-02-26 07:18:42 | |
| CentOS 6 ELS | linux-firmware | 20171128-56 | 6.0 | MEDIUM | Ignored | 2024-10-02 10:52:40 | ||
| CentOS 7 ELS | linux-firmware | 20200421-80 | 6.0 | MEDIUM | Ignored | 2024-10-02 10:52:41 | ||
| CentOS 8.4 ELS | linux-firmware | 20201218-102 | 6.0 | MEDIUM | Released | CLSA-2025:1740470330 | 2025-02-26 07:18:43 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 6.0 | MEDIUM | Ignored | 2025-02-26 07:18:35 | ||
| CentOS 8.5 ELS | linux-firmware | 20210702-103 | 6.0 | MEDIUM | Released | CLSA-2025:1739983569 | 2025-02-20 06:45:19 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 6.0 | MEDIUM | Ignored | 2025-02-26 07:18:35 | ||
| CentOS Stream 8 ELS | kernel | 4.18.0 | 6.0 | MEDIUM | Not Vulnerable | 2024-11-01 03:40:04 | ||
| CentOS Stream 8 ELS | linux-firmware | 20240111 | 6.0 | MEDIUM | Released | CLSA-2025:1739965377 | 2025-02-20 06:45:18 |