Untrusted Hypervisor Injection Vulnerability Affects AMD SEV-SNP and AMD SEV-ES

CVE-2024-25742

Summary

A vulnerability exists within the Linux kernel prior to version 6.9, where an untrusted hypervisor has the capability to inject virtual interrupt 29 (#VC) at any time, triggering its handler. This situation poses a significant risk to the security of virtualized environments, specifically affecting systems utilizing AMD’s Secure Encrypted Virtualization features, including SEV-SNP and SEV-ES. Proper mitigation strategies are essential to safeguard systems against potential exploitation.

References