VDB
CISA-2023-31352
CISA-2023-31352
PUBLISHED
CVSS 6 MEDIUM
Reported by AMD · Published February 11, 2025
A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data.
Risk Scores
CVSS 3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AMD | AMD EPYC™ 9004 Processors | GenoaPI 1.0.0.C, SEV FW1.55.36 |
| AMD | AMD EPYC™ Embedded 9004 | EmbGenoaPI-SP5 1.0.0.7 |
| AMD | AMD EPYC™ 9004 Processors | SEV FW1.55.36, *, GenoaPI 1.0.0.C |
| AMD | AMD EPYC™ Embedded 9004 | EmbGenoaPI-SP5 1.0.0.7, EmbGenoaPI-SP5 1.0.0.7 |
Timeline
- Feb 11, 2025 CVE Published
- Feb 12, 2025 CVE Updated