← Zuruck zu CVEs
CVE-2024-56161
HIGH7.2
Beschreibung
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.
CVE Details
CVSS v3.1 Bewertung7.2
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
AngriffsvektorLOCAL
KomplexitatHIGH
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht2/3/2025
Zuletzt geandert4/2/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-347
Referenzen
http://www.openwall.com/lists/oss-security/2025/02/04/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/03/06/2(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/03/msg00024.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.