← Back

CVE-2019-9836

nvd nist
Published: Jun 25, 2019Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.

Affected (3)

Amd
1 product
Secure Encrypted Virtualization Firmware
Opensuse
1 product
Leap
Configuration A
1 vulnerable · 14 platform
Vulnerable SoftwareAffected Versions
Secure Encrypted Virtualization Firmware
Up to 0.17b11
Running on/withPlatform Versions
Amd
Epyc 7251
All versions
Amd
Epyc 7261
All versions
Amd
Epyc 7281
All versions
Amd
Epyc 7301
All versions
Amd
Epyc 7351
All versions
Amd
Epyc 7351p
All versions
Amd
Epyc 7371
All versions
Amd
Epyc 7401
All versions
Amd
Epyc 7401p
All versions
Amd
Epyc 7451
All versions
Amd
Epyc 7501
All versions
Amd
Epyc 7551
All versions
Amd
Epyc 7551p
All versions
Amd
Epyc 7601
All versions
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Leap
Version 15.0
Leap
Version 15.1

Related CWEs

CWE-327
Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.

References (10)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.