CNNVD-202510-1715 Information

CNNVD ID

CNNVD-202510-1715

Related CVE

CVE-2025-0033

• CNNVD Published: 2025-10-13

Description (Chinese)

AMD EPYC是美国超威半导体（AMD）公司的一款高性能服务器处理器。 AMD EPYC存在安全漏洞，该漏洞源于AMD SEV-SNP中不正确的访问控制可能允许具有管理特权的攻击者在SNP初始化期间写入RMP，可能导致SEV-SNP guest内存完整性丢失。

Description (English)

AMD EPYC is a high-performance server processor for the U.S. Supermassive Semiconductor (AMD). The AMD EPYC has a security loophole, which stems from incorrect access controls in AMD SEV-SNP that may allow an attacker with management privileges to write RPP during the initialization of the SNP, which may result in the loss of the integrity of the SEV-SNP memory.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

超微半导体

Published

2025-10-13

Last Modified

2026-02-24

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3020.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0033 https://vigilance.fr/vulnerability/AMD-EPYC-Processors-write-access-via-SEV-SNP-RMP-Initialization-48464

Patch

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3020.html