TGTGInsightаналитика telegramLIVE / telegram public index
← DOFH - DevOps from hell
DOFH - DevOps from hell avatar

TGINSIGHT POST

Post #3570

@dofh_ru

DOFH - DevOps from hell

Просмотры2,150Количество просмотров
Опубликован5 февр.05.02.2025, 17:54
Содержимое поста

Содержимое

Here we go again! SEV-SNP is vulnerable, again. New AMD SEV-SNP vulnerability: https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w Exploit: https://github.com/google/security-research/tree/master/pocs/cpus/entrysign Reports about two recent vulnerabilities in SEV-SNP memory encryption and isolation mechanism, on CPU pipeline, cache and branch prediction level: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3010.html AMD reported that previous approaches to Spectre class attacks will work to fix new vulnerabilities: https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/tuning-guides/software-techniques-for-managing-speculation.pdf #cVM #TEE #SEV #SNP #SEV_SNP #AMD