Primary

Context

AMD CPUs SEV-SNP Guest Stack Pointer Corruption Vulnerability

Vulnerability

A vulnerability exists in certain AMD CPUs that may allow an admin-privileged attacker to alter the CPU pipeline configuration, potentially corrupting the stack pointer in an SEV-SNP guest. This issue arises from improper access controls that enable a malicious hypervisor to manipulate internal configuration bits, particularly affecting guests on the same SMT thread.

Impact

Exploitation of this vulnerability could lead to unauthorized modification of the stack pointer in an SEV-SNP guest, causing stack corruption.

Remediation

Users are advised to update to the recommended Platform Initialization (PI) firmware version. Specific guidance can be found in the AMD Security Bulletin AMD-SB-3027.

Added: Jan 16, 2026, 4:23 PM

Updated: Jan 16, 2026, 4:23 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

3.3

exploitability

2.4

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

3.3

exploitability

2.4

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD CPUs SEV-SNP Guest Stack Pointer Corruption Vulnerability

Vulnerability

Impact

Remediation

Affected Products

AMD EPYC 7003

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating