In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00119.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Amd Subscribe
Epyc 7001 Subscribe
Epyc 7001 Firmware Subscribe
Epyc 7251 Subscribe
Epyc 7251 Firmware Subscribe
Epyc 7261 Subscribe
Epyc 7261 Firmware Subscribe
Epyc 7281 Subscribe
Epyc 7281 Firmware Subscribe
Epyc 72f3 Subscribe
Epyc 72f3 Firmware Subscribe
Epyc 7301 Subscribe
Epyc 7301 Firmware Subscribe
Epyc 7313 Subscribe
Epyc 7313 Firmware Subscribe
Epyc 7313p Subscribe
Epyc 7313p Firmware Subscribe
Epyc 7343 Subscribe
Epyc 7343 Firmware Subscribe
Epyc 7351 Subscribe
Epyc 7351 Firmware Subscribe
Epyc 7351p Subscribe
Epyc 7351p Firmware Subscribe
Epyc 7371 Subscribe
Epyc 7371 Firmware Subscribe
Epyc 7373x Subscribe
Epyc 7373x Firmware Subscribe
Epyc 73f3 Subscribe
Epyc 73f3 Firmware Subscribe
Epyc 7401 Subscribe
Epyc 7401 Firmware Subscribe
Epyc 7401p Subscribe
Epyc 7401p Firmware Subscribe
Epyc 7413 Subscribe
Epyc 7413 Firmware Subscribe
Epyc 7443 Subscribe
Epyc 7443 Firmware Subscribe
Epyc 7443p Subscribe
Epyc 7443p Firmware Subscribe
Epyc 7451 Subscribe
Epyc 7451 Firmware Subscribe
Epyc 7453 Subscribe
Epyc 7453 Firmware Subscribe
Epyc 7473x Subscribe
Epyc 7473x Firmware Subscribe
Epyc 74f3 Subscribe
Epyc 74f3 Firmware Subscribe
Epyc 7501 Subscribe
Epyc 7501 Firmware Subscribe
Epyc 7513 Subscribe
Epyc 7513 Firmware Subscribe
Epyc 7543 Subscribe
Epyc 7543 Firmware Subscribe
Epyc 7543p Subscribe
Epyc 7543p Firmware Subscribe
Epyc 7551 Subscribe
Epyc 7551 Firmware Subscribe
Epyc 7551p Subscribe
Epyc 7551p Firmware Subscribe
Epyc 7573x Subscribe
Epyc 7573x Firmware Subscribe
Epyc 75f3 Subscribe
Epyc 75f3 Firmware Subscribe
Epyc 7601 Subscribe
Epyc 7601 Firmware Subscribe
Epyc 7643 Subscribe
Epyc 7643 Firmware Subscribe
Epyc 7663 Subscribe
Epyc 7663 Firmware Subscribe
Epyc 7713 Subscribe
Epyc 7713 Firmware Subscribe
Epyc 7713p Subscribe
Epyc 7713p Firmware Subscribe
Epyc 7763 Subscribe
Epyc 7763 Firmware Subscribe
Epyc 7773x Subscribe
Epyc 7773x Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:amd:epyc_7001_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7001:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:amd:epyc_7251_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7251:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:amd:epyc_7261_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7261:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:amd:epyc_7281_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7281:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:amd:epyc_7301_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7301:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:amd:epyc_7351_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7351:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:amd:epyc_7351p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7351p:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:amd:epyc_7371_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7371:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:amd:epyc_7401_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7401:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:amd:epyc_7401p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7401p:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:amd:epyc_7451_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7451:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND
cpe:2.3:o:amd:epyc_7501_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7501:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND
cpe:2.3:o:amd:epyc_7551_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7551:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND
cpe:2.3:o:amd:epyc_7551p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7551p:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND
cpe:2.3:o:amd:epyc_7601_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7601:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-13148 In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028 cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2024-09-16T16:32:42.078Z

Reserved: 2021-01-29T00:00:00

Link: CVE-2021-26342

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-11T17:15:08.297

Modified: 2024-11-21T05:56:09.363

Link: CVE-2021-26342

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses