Versio.io

CVE-2021-26342

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-05-2022 07:15
Last modified: - 19-05-2022 10:05
Total changes: - 2

Description

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Low
Attack complexity
Local
Attack vector
None
Availability
Low
Confidentiality
None
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
3.3
Base score
1.8
1.4
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=amd AND product=epyc_7763_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7763 AND version=-
AND
OR
vendor=amd AND product=epyc_7713p_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7713p AND version=-
AND
OR
vendor=amd AND product=epyc_7713_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7713 AND version=-
AND
OR
vendor=amd AND product=epyc_7663_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7663 AND version=-
AND
OR
vendor=amd AND product=epyc_7643_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7643 AND version=-
AND
OR
vendor=amd AND product=epyc_75f3_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_75f3 AND version=-
AND
OR
vendor=amd AND product=epyc_7543p_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7543p AND version=-
AND
OR
vendor=amd AND product=epyc_7543_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7543 AND version=-
AND
OR
vendor=amd AND product=epyc_7513_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7513 AND version=-
AND
OR
vendor=amd AND product=epyc_7453_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7453 AND version=-
AND
OR
vendor=amd AND product=epyc_74f3_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_74f3 AND version=-
AND
OR
vendor=amd AND product=epyc_7443p_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7443p AND version=-
AND
OR
vendor=amd AND product=epyc_7443_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7443 AND version=-
AND
OR
vendor=amd AND product=epyc_7413_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7413 AND version=-
AND
OR
vendor=amd AND product=epyc_73f3_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_73f3 AND version=-
AND
OR
vendor=amd AND product=epyc_7343_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7343 AND version=-
AND
OR
vendor=amd AND product=epyc_7313p_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7313p AND version=-
AND
OR
vendor=amd AND product=epyc_7313_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7313 AND version=-
AND
OR
vendor=amd AND product=epyc_72f3_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_72f3 AND version=-
AND
OR
vendor=amd AND product=epyc_7773x_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7773x AND version=-
AND
OR
vendor=amd AND product=epyc_7473x_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7473x AND version=-
AND
OR
vendor=amd AND product=epyc_7573x_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7573x AND version=-
AND
OR
vendor=amd AND product=epyc_7373x_firmware AND versionEndExcluding=milanpi-sp3_1.0.0.7
OR
vendor=amd AND product=epyc_7373x AND version=-
AND
OR
vendor=amd AND product=epyc_7001_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7001 AND version=-
AND
OR
vendor=amd AND product=epyc_7251_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7251 AND version=-
AND
OR
vendor=amd AND product=epyc_7261_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7261 AND version=-
AND
OR
vendor=amd AND product=epyc_7281_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7281 AND version=-
AND
OR
vendor=amd AND product=epyc_7301_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7301 AND version=-
AND
OR
vendor=amd AND product=epyc_7351_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7351 AND version=-
AND
OR
vendor=amd AND product=epyc_7351p_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7351p AND version=-
AND
OR
vendor=amd AND product=epyc_7371_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7371 AND version=-
AND
OR
vendor=amd AND product=epyc_7401_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7401 AND version=-
AND
OR
vendor=amd AND product=epyc_7401p_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7401p AND version=-
AND
OR
vendor=amd AND product=epyc_7451_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7451 AND version=-
AND
OR
vendor=amd AND product=epyc_7501_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7501 AND version=-
AND
OR
vendor=amd AND product=epyc_7551_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7551 AND version=-
AND
OR
vendor=amd AND product=epyc_7551p_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7551p AND version=-
AND
OR
vendor=amd AND product=epyc_7601_firmware AND versionEndExcluding=naplespi-sp3_1.0.0.h
OR
vendor=amd AND product=epyc_7601 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2021-26342

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.