CVE-2023-20591

< genoapi_1.0.0.8

Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an a

6.5MEDIUM

CVE-2023-20584

< genoapi_1.0.0.b

IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with

5.3MEDIUM

CVE-2023-20578

< genoapi_1.0.0.2

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell

7.5HIGH

CVE-2024-21980

< genoapi_1.0.0.c

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's mem

7.9HIGH

CVE-2024-21978

< genoapi_1.0.0.c

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to d

6.0MEDIUM

CVE-2023-31355

< genoapi_1.0.0.c

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potent

6.0MEDIUM

CVE-2023-31347

< genoapi_1.0.0.b

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect

4.9MEDIUM

CVE-2023-31346

< genoapi_1.0.0.b

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

6.0MEDIUM

CVE-2023-20573

all versions

A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving exp

3.2LOW

CVE-2023-20566

< genoapi_1.0.0.7

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.

5.3MEDIUM

CVE-2022-23830

< genoapi_1.0.0.1

SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory int

1.9LOW

CVE-2021-46774

< genoapi_1.0.0.8

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM a

6.7MEDIUM

CVE-2021-46766

< genoapi_1.0.0.4

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, pote

2.5LOW

CVE-2021-26345

< genoapi_1.0.0.0

Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memo

1.9LOW

CVE-2023-20569

< genoapi_1.0.0.9

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may re

4.7MEDIUM

CVE-2023-20575

all versions

A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting

6.5MEDIUM