AMD EPYC Processors IOMMU Improper Input Validation Vulnerability Allowing Loss of Guest Memory Integrity
Vulnerability
A vulnerability exists in the I/O Memory Management Unit (IOMMU) of AMD EPYC processors, including the 7001, 7002, 7003, 8004, 9004, and certain embedded series. This vulnerability arises from improper input validation, which could enable a malicious hypervisor to alter IOMMU registers, potentially leading to a loss of integrity in guest memory.
Impact
Exploitation of this vulnerability could result in a loss of integrity for guest memory, allowing for unauthorized modifications or corruption of data.
Remediation
Users are advised to update to the AMD EPYC Platform Initialization (PI) or Secure Encrypted Virtualization (SEV) firmware version that includes the mitigation. For specific update details, please contact the original equipment manufacturer (OEM) or refer to the AMD EPYC Embedded Processors bulletin.
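As a check to go with the update, the following added example (not code from AMD or from this advisory) reads the SEV firmware version that the Linux `ccp` driver logs at boot and compares it with a minimum you take from the OEM or AMD bulletin. The log line and the minimum `1.55.30` are constructed placeholders, the function names are hypothetical, and the check covers only the SEV firmware, not the PI version reported by the BIOS.

```shell
#!/bin/sh
# Constructed sample of kernel log output; on a real host use `dmesg` instead.
SAMPLE_LOG='[    4.812345] ccp 0000:23:00.1: sev enabled
[    4.901234] ccp 0000:23:00.1: SEV API:1.55 build:21'

# Placeholder only: NOT the real fixed version. Take it from the vendor bulletin.
MIN_FW="${MIN_FW:-1.55.30}"

# Read kernel log text on stdin and print "major.minor.build" from the last
# "SEV API:" / "SEV-SNP API:" line, or nothing when no such line exists.
sev_fw_version() {
    sed -n 's/.*SEV[-A-Z]* API:\([0-9][0-9]*\)\.\([0-9][0-9]*\) build:\([0-9][0-9]*\).*/\1.\2.\3/p' |
        tail -n 1
}

# version_at_least HAVE WANT: succeed when HAVE >= WANT. Fields are compared
# numerically, so 1.9.0 sorts below 1.10.0 (a string compare would get it wrong).
version_at_least() {
    old_ifs=$IFS; IFS=.
    set -- $1 $2            # split both versions into $1..$6
    IFS=$old_ifs
    [ $# -eq 6 ] || return 2
    if [ "$1" -ne "$4" ]; then [ "$1" -gt "$4" ]; return; fi
    if [ "$2" -ne "$5" ]; then [ "$2" -gt "$5" ]; return; fi
    [ "$3" -ge "$6" ]
}

# check_sev_fw MIN: read log text on stdin and report the result.
# Returns 0 = at or above MIN, 1 = below MIN, 2 = version not found.
check_sev_fw() {
    have=$(sev_fw_version)
    if [ -z "$have" ]; then
        echo "unknown: no SEV firmware version line in log"
        return 2
    fi
    if version_at_least "$have" "$1"; then
        echo "ok: SEV firmware $have >= $1"
        return 0
    fi
    echo "outdated: SEV firmware $have < $1"
    return 1
}

# Demo on the constructed sample; real use: dmesg | check_sev_fw "$MIN_FW"
printf '%s\n' "$SAMPLE_LOG" | check_sev_fw "$MIN_FW" || true
```

A result of `unknown` means the driver logged no version line (SEV disabled, or the boot messages have rotated out of the ring buffer) and should be treated as unverified rather than as patched.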
