VDB

CISA-2023-31352

CISA-2023-31352 PUBLISHED CVSS 6 MEDIUM

Reported by AMD · Published February 11, 2025

A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data.

Risk Scores

CVSS 3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products

VendorProductVersions
AMDAMD EPYC™ 9004 ProcessorsGenoaPI 1.0.0.C, SEV FW1.55.36
AMDAMD EPYC™ Embedded 9004EmbGenoaPI-SP5 1.0.0.7
AMDAMD EPYC™ 9004 ProcessorsSEV FW1.55.36, *, GenoaPI 1.0.0.C
AMDAMD EPYC™ Embedded 9004EmbGenoaPI-SP5 1.0.0.7, EmbGenoaPI-SP5 1.0.0.7

Timeline

  • Feb 11, 2025 CVE Published
  • Feb 12, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›