Milanpi Firmware
Monthly
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.