vulnerability
SUSE: CVE-2021-26342: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | May 11, 2022 | Oct 26, 2022 | Oct 26, 2022 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
May 11, 2022
Added
Oct 26, 2022
Modified
Oct 26, 2022
Description
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.
Solutions
suse-upgrade-kernel-firmwaresuse-upgrade-kernel-firmware-allsuse-upgrade-kernel-firmware-amdgpususe-upgrade-kernel-firmware-ath10ksuse-upgrade-kernel-firmware-ath11ksuse-upgrade-kernel-firmware-atherossuse-upgrade-kernel-firmware-bluetoothsuse-upgrade-kernel-firmware-bnx2suse-upgrade-kernel-firmware-brcmsuse-upgrade-kernel-firmware-chelsiosuse-upgrade-kernel-firmware-dpaa2suse-upgrade-kernel-firmware-i915suse-upgrade-kernel-firmware-intelsuse-upgrade-kernel-firmware-iwlwifisuse-upgrade-kernel-firmware-liquidiosuse-upgrade-kernel-firmware-marvellsuse-upgrade-kernel-firmware-mediasuse-upgrade-kernel-firmware-mediateksuse-upgrade-kernel-firmware-mellanoxsuse-upgrade-kernel-firmware-mwifiexsuse-upgrade-kernel-firmware-networksuse-upgrade-kernel-firmware-nfpsuse-upgrade-kernel-firmware-nvidiasuse-upgrade-kernel-firmware-platformsuse-upgrade-kernel-firmware-presterasuse-upgrade-kernel-firmware-qcomsuse-upgrade-kernel-firmware-qlogicsuse-upgrade-kernel-firmware-radeonsuse-upgrade-kernel-firmware-realteksuse-upgrade-kernel-firmware-serialsuse-upgrade-kernel-firmware-soundsuse-upgrade-kernel-firmware-tisuse-upgrade-kernel-firmware-ueaglesuse-upgrade-kernel-firmware-usb-networksuse-upgrade-ucode-amd
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.