CVE-2025-48517

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

Granularidad insuficiente de control de acceso en el firmware SEV podría permitir a un usuario privilegiado con un hipervisor malicioso crear un invitado SEV-ES con un ASID en el rango destinado a invitados SEV-SNP, lo que podría resultar en una pérdida parcial de confidencialidad.