The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
References
Link | Resource |
---|---|
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004 | Vendor Advisory |
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:00
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004 - Vendor Advisory |
Information
Published : 2021-05-13 12:15
Updated : 2024-11-21 05:00
NVD link : CVE-2020-12967
Mitre link : CVE-2020-12967
CVE.ORG link : CVE-2020-12967
JSON object : View
Products Affected
amd
- epyc_7643
- epyc_7281
- epyc_7543
- epyc_7443
- epyc_75f3
- epyc_embedded_3201
- epyc_7401p
- epyc_7642
- epyc_7351
- epyc_7543p
- epyc_7352
- epyc_7713
- epyc_7302
- epyc_7452
- epyc_embedded_3251
- epyc_embedded_3151
- epyc_7f32
- epyc_7f52
- epyc_7742
- epyc_embedded_3451
- epyc_7371
- epyc_7502p
- epyc_7552
- epyc_7662
- epyc_7763
- epyc_embedded_3255
- epyc_7252
- epyc_7282
- epyc_7f72
- epyc_7702p
- epyc_embedded_3351
- epyc_7313p
- epyc_7232p
- epyc_7513
- epyc_7413
- epyc_7501
- epyc_7502
- epyc_7313
- epyc_7663
- epyc_7401
- epyc_7532
- epyc_7402
- epyc_7601
- epyc_7272
- epyc_7301
- epyc_7261
- epyc_7451
- epyc_7542
- epyc_7551p
- epyc_73f3
- epyc_7453
- epyc_7h12
- epyc_7351p
- epyc_72f3
- epyc_7302p
- epyc_7343
- epyc_7402p
- epyc_7551
- epyc_7713p
- epyc_embedded_3101
- epyc_7702
- epyc_74f3
- epyc_7251
- epyc_7443p
- epyc_7262
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')