Description
Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
None
Affected products
- AMD / AMD EPYC™ 7003 Series ProcessorsMilanPI 1.0.0.D – MilanPI 1.0.0.D
- AMD / AMD EPYC™ 8004 Series ProcessorsGenoaPI 1.0.0.C – GenoaPI 1.0.0.C
- AMD / AMD EPYC™ 9004 Series ProcessorsGenoaPI 1.0.0.C – GenoaPI 1.0.0.C
- AMD / AMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 1.0.0.9 – EmbMilanPI-SP3 1.0.0.9
- AMD / AMD EPYC™ Embedded 9004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.9 – EmbGenoaPI-SP5 1.0.0.9
- AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2 1.2.0.Cb – ComboAM4v2 1.2.0.Cb
- AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1 – CezannePI-FP6_1.0.1.1
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7/FP7r2_1.0.0.B – RembrandtPI-FP7/FP7r2_1.0.0.B
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5 1.2.0.1 – ComboAM5 1.2.0.1
- AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1 – CezannePI-FP6_1.0.1.1
- AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsRembrandtPI-FP7/FP7r2_1.0.0.B – RembrandtPI-FP7/FP7r2_1.0.0.B
- AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.1.0.3 – PhoenixPI-FP8-FP7_1.1.0.3
- AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1 1.0.0.3e – DragonRangeFL1 1.0.0.3e
- AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5 1.2.0.1 – ComboAM5 1.2.0.1
- AMD / AMD Ryzen™ Embedded 5000 Series ProcessorsEmbAM4PI 1.0.0.7 – EmbAM4PI 1.0.0.7
- AMD / AMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.3 – EmbeddedAM5PI 1.0.0.3
- AMD / AMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.2.0.0 – EmbeddedPhoenixPI-FP7r2_1.2.0.0
- AMD / AMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 100A – Embedded-PI_FP7r2 100A
- AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.8 – ChagallWSPI-sWRX8 1.0.0.8
- AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.8 – ChagallWSPI-sWRX8 1.0.0.8