AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.

Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.

Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service.

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor.