CVE-2024-21978: Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data…

high7.9CVSS 3.1

AVLACLPRHUINSCCHIHAN

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.

Affected

90 ranges· showing 25

Vendor	Product	Version range	Fixed in
amd	3rd_gen_amd_epyc_processors	>= various < MilanPI 1.0.0.D	MilanPI 1.0.0.D
amd	4th_gen_amd_epyc_processors	>= various < GenoaPI 1.0.0.C	GenoaPI 1.0.0.C
amd	amd_epyc_embedded_7003	>= various < EmbMilanPI-SP3 1.0.0.9	EmbMilanPI-SP3 1.0.0.9
amd	amd_epyc_embedded_9003	>= various < EmbGenoaPI-SP5 1.0.0.7	EmbGenoaPI-SP5 1.0.0.7
amd	epyc_7203_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7203p_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_72f3_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7303_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7303p_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7313_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7313p_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7343_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7373x_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_73f3_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7413_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7443_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7443p_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7453_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7473x_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_74f3_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7513_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7543_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7543p_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_7573x_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d
amd	epyc_75f3_firmware	< milanpi_1.0.0.d	milanpi_1.0.0.d