Strix
26.1K

CVE-2021-26311

HIGHCVSS 7.2/10EPSS 1.68%

Last modified

CVE-2021-26311 is a high-severity vulnerability rated 7.2/10 on the CVSS scale. In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.. EPSS estimates a 1.68% chance of exploitation in the next 30 days.

Description

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.

Metrics

CVSS 3.1
7.2/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
1.68%

74.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AmdEpyc 7232pAll versions
AmdEpyc 7251All versions
AmdEpyc 7252All versions
AmdEpyc 7261All versions
AmdEpyc 7262All versions
AmdEpyc 7272All versions
AmdEpyc 7281All versions
AmdEpyc 7282All versions
AmdEpyc 72f3All versions
AmdEpyc 7301All versions
AmdEpyc 7302All versions
AmdEpyc 7302pAll versions
AmdEpyc 7313All versions
AmdEpyc 7313pAll versions
AmdEpyc 7343All versions
AmdEpyc 7351All versions
AmdEpyc 7351pAll versions
AmdEpyc 7352All versions
AmdEpyc 7371All versions
AmdEpyc 73f3All versions
AmdEpyc 7401All versions
AmdEpyc 7401pAll versions
AmdEpyc 7402All versions
AmdEpyc 7402pAll versions
AmdEpyc 7413All versions
AmdEpyc 7443All versions
AmdEpyc 7443pAll versions
AmdEpyc 7451All versions
AmdEpyc 7452All versions
AmdEpyc 7453All versions
AmdEpyc 74f3All versions
AmdEpyc 7501All versions
AmdEpyc 7502All versions
AmdEpyc 7502pAll versions
AmdEpyc 7513All versions
AmdEpyc 7532All versions
AmdEpyc 7542All versions
AmdEpyc 7543All versions
AmdEpyc 7543pAll versions
AmdEpyc 7551All versions
AmdEpyc 7551pAll versions
AmdEpyc 7552All versions
AmdEpyc 75f3All versions
AmdEpyc 7601All versions
AmdEpyc 7642All versions
AmdEpyc 7643All versions
AmdEpyc 7662All versions
AmdEpyc 7663All versions
AmdEpyc 7702All versions
AmdEpyc 7702pAll versions

Showing 50 of 65 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-26311?
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
How severe is CVE-2021-26311?
CVE-2021-26311 has a CVSS score of 7.2/10 (HIGH severity). The EPSS model estimates a 1.68% probability of exploitation in the next 30 days.
How do I fix CVE-2021-26311?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-26311?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST