#VU63688 Security features bypass in 3rd Gen AMD EPYC Processors - CVE-2021-26349


Vulnerability identifier: #VU63688

Vulnerability risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-26349

CWE-ID: CWE-254

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
3rd Gen AMD EPYC Processors
Hardware solutions / Firmware

Vendor: AMD

Description

The vulnerability allows an attacker to compromise the guest OS.

The vulnerability exists due to failure to assign a new report ID to an imported guest. This can result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA).

Mitigation
Install updates from vendor's website.

Vulnerable software versions

3rd Gen AMD EPYC Processors: before MilanPI-SP3_1.0.0.7

External links
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in HPE ProLiant Gen10 and Gen10 Plus Servers
Multiple vulnerabilities in Dell PowerEdge Server
Multiple vulnerabilities in Dell EMC NetWorker vProxy
SUSE update for kernel-firmware
Multiple vulnerabilities in AMD EPYC processors
SUSE update for kernel-firmware
SUSE update for kernel-firmware
SUSE update for kernel-firmware