CVE-2021-26342

LOW

AMD EPYC Milan Firmware < milanpi-sp3_1.0.0.7 - Information Disclosure via Stale TLB Translations

Title source: llm

Description

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028

Scores

CVSS v3 3.3

EPSS 0.0005

EPSS Percentile 17.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

Status published

Products (38)

amd/epyc_7001_firmware < naplespi-sp3_1.0.0.h

amd/epyc_7251_firmware < naplespi-sp3_1.0.0.h

amd/epyc_7261_firmware < naplespi-sp3_1.0.0.h

amd/epyc_7281_firmware < naplespi-sp3_1.0.0.h

amd/epyc_72f3_firmware < milanpi-sp3_1.0.0.7

amd/epyc_7301_firmware < naplespi-sp3_1.0.0.h

amd/epyc_7313_firmware < milanpi-sp3_1.0.0.7

amd/epyc_7313p_firmware < milanpi-sp3_1.0.0.7

amd/epyc_7343_firmware < milanpi-sp3_1.0.0.7

amd/epyc_7351_firmware < naplespi-sp3_1.0.0.h

... and 28 more

Published May 11, 2022

Tracked Since Feb 18, 2026