Description
Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low
Affected products
- AMD / AMD EPYC™ 7003 Series ProcessorsMilanPI 1.0.0.B – MilanPI 1.0.0.B
- AMD / AMD EPYC™ 9004 Series ProcessorsGenoa 1.0.0.8 – Genoa 1.0.0.8
- AMD / AMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 1.0.0.7 – EmbMilanPI-SP3 1.0.0.7
- AMD / AMD EPYC™ Embedded 9003 Series ProcessorsEmbGenoaPI-SP5 1.0.0.3 – EmbGenoaPI-SP5 1.0.0.3