Security Advisory

CVE-2025-48517

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-10 19:08:21

Last updated 2026-02-10 21:17:00

Assigner AMD

State PUBLISHED

Description

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

← Browse all CVEs View on cve.org ↗