Volerion logoVolerion
Volerion logoVolerion

AMD SEV-SNP Improper Access Control Vulnerability Allowing Memory Integrity Corruption

Vulnerability

A vulnerability exists in AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) due to improper access control. This issue could enable an admin-privileged attacker to write to the Reverse Map Table (RMP) during the initialization phase of SEV-SNP, potentially compromising the integrity of guest memory. The vulnerability arises from a race condition that can be exploited by a malicious hypervisor to manipulate the initial RMP content, leading to a loss of memory integrity for SEV-SNP guests.

Impact

Exploitation of this vulnerability could allow a malicious hypervisor to corrupt the Reverse Map Table, manipulating the memory integrity of SEV-SNP guests.

Remediation

Users are advised to update to the recommended SEV Firmware or Platform Initialization (PI) firmware version. Specific guidance can be found in the AMD Security Bulletin AMD-SB-3020.

Added: Oct 14, 2025, 3:37 PM
Updated: Oct 14, 2025, 11:27 PM

Vulnerability Rating

Custom Algorithm
spread
5.4
impact
0.6
exploitability
2.4
remediation
7.7
relevance
0.8
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.