Insufficient input validation on the model
specific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guest
memory integrity.























No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00116.

Exploitation none

Automatable yes

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
AMD 3rd Gen AMD EPYC™ unaffected
Version Status Constraints
various affected

Configuration 1 [-]

AND
cpe:2.3:o:amd:epyc_72f3_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:amd:epyc_7313_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:amd:epyc_7313p_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:amd:epyc_7343_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:amd:epyc_7373x_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:amd:epyc_73f3_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:amd:epyc_7413_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:amd:epyc_7443_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:amd:epyc_7443p_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:amd:epyc_7453_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:amd:epyc_7473x_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:amd:epyc_74f3_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:amd:epyc_7513_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:amd:epyc_7543_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:amd:epyc_7543p_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:amd:epyc_7573x_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:amd:epyc_75f3_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:amd:epyc_7643_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:amd:epyc_7663_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:amd:epyc_7713_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:amd:epyc_7713p_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:amd:epyc_7763_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:amd:epyc_7773x_firmware:milanpi_1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Amd Subscribe
Epyc 72f3 Subscribe
Epyc 72f3 Firmware Subscribe
Epyc 7313 Subscribe
Epyc 7313 Firmware Subscribe
Epyc 7313p Subscribe
Epyc 7313p Firmware Subscribe
Epyc 7343 Subscribe
Epyc 7343 Firmware Subscribe
Epyc 7373x Subscribe
Epyc 7373x Firmware Subscribe
Epyc 73f3 Subscribe
Epyc 73f3 Firmware Subscribe
Epyc 7413 Subscribe
Epyc 7413 Firmware Subscribe
Epyc 7443 Subscribe
Epyc 7443 Firmware Subscribe
Epyc 7443p Subscribe
Epyc 7443p Firmware Subscribe
Epyc 7453 Subscribe
Epyc 7453 Firmware Subscribe
Epyc 7473x Subscribe
Epyc 7473x Firmware Subscribe
Epyc 74f3 Subscribe
Epyc 74f3 Firmware Subscribe
Epyc 7513 Subscribe
Epyc 7513 Firmware Subscribe
Epyc 7543 Subscribe
Epyc 7543 Firmware Subscribe
Epyc 7543p Subscribe
Epyc 7543p Firmware Subscribe
Epyc 7573x Subscribe
Epyc 7573x Firmware Subscribe
Epyc 75f3 Subscribe
Epyc 75f3 Firmware Subscribe
Epyc 7643 Subscribe
Epyc 7643 Firmware Subscribe
Epyc 7663 Subscribe
Epyc 7663 Firmware Subscribe
Epyc 7713 Subscribe
Epyc 7713 Firmware Subscribe
Epyc 7713p Subscribe
Epyc 7713p Firmware Subscribe
Epyc 7763 Subscribe
Epyc 7763 Firmware Subscribe
Epyc 7773x Subscribe
Epyc 7773x Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-28747 Insufficient input validation on the model specific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guest memory integrity.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 cve-icon cve-icon
History

Tue, 28 Jan 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2025-01-28T15:55:54.421Z

Reserved: 2022-01-21T17:20:55.777Z

Link: CVE-2022-23818

cve-icon Vulnrichment

Updated: 2024-08-03T03:51:46.083Z

cve-icon NVD

Status : Modified

Published: 2023-05-09T19:15:11.367

Modified: 2025-01-28T16:15:33.747

Link: CVE-2022-23818

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses