CVE-2021-26342

Advisory lineage Upstream: 0 Downstream: 5

Downstream

SUSE-SU-2022:1751-1 SUSE-SU-2022:1840-1 SUSE-SU-2022:1846-1 SUSE-SU-2022:1847-1 SUSE-SU-2022:1923-1

Modified

Published: 11 May 2022, 16:21

Last modified:16 Sept 2024, 16:32

Vulnerability Summary

Overall Risk (default)

low

13/100

CVSS Score

3.3 LOW

v3.1 (nvd)

EPSS Score

0.05% LOW

0% probability -0.07%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 May 2022, 16:21

Published

Vulnerability first disclosed

16 Sept 2024, 16:32

Last Modified

Vulnerability information updated

Description

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

CVSS Metrics

v3.1•LOW•Score: 3.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.05%• Percentile: 17%

Affected Systems

amd•epyc_7001_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7251_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7261_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7281_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_72f3_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7301_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7313_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7313p_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7343_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7351_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7351p_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7371_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7373x_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_73f3_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7401_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7401p_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7413_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7443_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7443p_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7451_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7453_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7473x_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_74f3_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7501_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7513_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7543_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7543p_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7551_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7551p_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7573x_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_75f3_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7601_firmware
< naplespi-sp3_1.0.0.h
amd•epyc_7643_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7663_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7713_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7713p_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7763_firmware
< milanpi-sp3_1.0.0.7
amd•epyc_7773x_firmware
< milanpi-sp3_1.0.0.7
amd•epyc™ processors
various

References (1)

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028