CVE-2021-26408

Summary

Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.

Affected Software

VendorProductVersion RangeStatus
AMD1st Gen AMD EPYC™unspecified < NaplesPI-SP3_1.0.0.Gaffected
AMD2nd Gen AMD EPYC™unspecified < RomePI-SP3_1.0.0.Caffected

Weaknesses

  • tbd

ADP Enrichment

CVE Program Container

Additional References

References