Hypervisor Memory Leakage Vulnerability Discovered
CVE-2024-21978
7.9HIGH
Key Information:
- Vendor
Amd
- Status
- Vendor
- CVE Published:
- 5 August 2024
What is CVE-2024-21978?
The vulnerability in AMD's SEV-SNP relates to improper input validation, which may be exploited by a malicious hypervisor. This flaw enables unauthorized access to read or overwrite guest memory, potentially resulting in significant data leakage or corruption. System administrators and users of affected products should prioritize reviewing the associated vendor advisory for specific mitigation steps and affected versions.
Affected Version(s)
3rd Gen AMD EPYC™ Processors various
4th Gen AMD EPYC™ Processors various
AMD EPYC™ Embedded 7003 various