CVSS3
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AMD ID: AMD-SB-3008
**Potential Impact:** N/A
Severity: N/A
Researchers from ETH Zurich have shared with AMD a paper titled “Heckler: Disrupting AMD SEV-SNP with Interrupts.”
In their paper, the researchers report that a malicious hypervisor can potentially break confidentiality and integrity of Linux® SEV-SNP guests by injecting interrupts.
AMD believes that this vulnerability lies in the Linux® kernel implementation of SEV-SNP, and mitigations addressing some of the vulnerability issues have been upstreamed to the main Linux kernel. Please refer to upstream kernel commit IDs f35e46631b28 (“Merge tag ‘x86-int80-20231207’ of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip”) and e3ef461af35a (“x86/sev: Harden #VC instruction emulation somewhat”).
AMD supports additional hardware security features that are designed to protect against the reported attack that are not currently supported in Linux®. The relevant features are described in AMD64 Architecture Programmer’s Manual Volume 2, Section 15.36.16.
Please refer to your Linux® provider for guidance.
CVE-2024-25742, CVE-2024-25743, and CVE-2024-25744 have been assigned by CERT/CC.