CVE-2021-26311

Published: May 13, 2021

Modified: Sep 17, 2024

PUBLISHED

Description

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.

Vendor	Product	Versions
AMD	SEV/SEV-ES	affected `unspecified - < SEV-SNP`

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-26311

Description

Affected Products

References