Security bulletins

The following describes all security bulletins related to Confidential VM.

GCP-2025-007

Published: 2025-02-03

Description:

Google has discovered a vulnerability in AMD Zen-based CPUs that affects Confidential VM instances with AMD SEV-SNP enabled. It allows an attacker with root access on the physical host machine to compromise the confidentiality and integrity of a Confidential VM instance running on that host.

Google has applied fixes to the affected assets, including Google Cloud, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google.

What should I do?

No customer action is required. Customers who want to verify the fix can check the Trusted Computing Base (TCB) version in the attestation report from their Confidential VM instance with AMD SEV-SNP. The minimum TCB component versions that mitigate this vulnerability are as follows:

SNP TCB SVN: 0x18 (24 decimal)
tcb_version {
  psp_bootloader_version: 4
  snp_firmware_version: 24 (0x18)
  microcode_version: 219
}

For more information, see AMD security bulletin AMD-SB-3019.

Severity: High

Notes: CVE-2024-56161
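The following Go program is an added example, not part of the bulletin and not Google's or AMD's tooling. It performs the check described above directly on the raw attestation report bytes: it reads the REPORTED_TCB field (offset 0x180 of the SEV-SNP ATTESTATION_REPORT, per the AMD SEV-SNP ABI specification, a little-endian u64 whose bytes are BOOT_LOADER, TEE, four reserved bytes, SNP and MICROCODE) and compares each component against the minimum given in the bulletin. The report bytes used as input are constructed inside the program; the field offsets and byte layout come from the ABI specification, the minimum values come from the bulletin, the TEE floor of 0 is an assumption because the bulletin states no TEE minimum, and the function and type names are the example's own. The result is only meaningful for a report whose signature has already been verified against the AMD VCEK certificate chain; an unverified report can contain whatever TCB the host wants you to see.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Field offsets in the SEV-SNP ATTESTATION_REPORT (AMD SEV-SNP ABI specification).
const (
	reportSize         = 0x4A0 // 1184 bytes including the 512-byte signature
	currentTCBOffset   = 0x038
	reportedTCBOffset  = 0x180 // the TCB the VCEK signing the report is bound to
	committedTCBOffset = 0x1E0
	launchTCBOffset    = 0x1F0
)

// TCBVersion is the unpacked TCB_VERSION u64: byte 0 = BOOT_LOADER, byte 1 = TEE,
// bytes 2..5 reserved, byte 6 = SNP firmware, byte 7 = MICROCODE.
type TCBVersion struct {
	BootLoader uint8
	TEE        uint8
	SNP        uint8
	Microcode  uint8
}

// ParseTCBVersion splits the packed little-endian TCB_VERSION into its components.
func ParseTCBVersion(raw uint64) TCBVersion {
	return TCBVersion{
		BootLoader: uint8(raw),
		TEE:        uint8(raw >> 8),
		SNP:        uint8(raw >> 48),
		Microcode:  uint8(raw >> 56),
	}
}

// AtLeast reports whether every component of t meets the corresponding floor.
// The comparison must be component-wise: comparing the packed u64 numerically
// would let a newer MICROCODE byte (the most significant one) hide an older SNP byte.
func (t TCBVersion) AtLeast(floor TCBVersion) bool {
	return t.BootLoader >= floor.BootLoader &&
		t.TEE >= floor.TEE &&
		t.SNP >= floor.SNP &&
		t.Microcode >= floor.Microcode
}

// ReportedTCB extracts REPORTED_TCB from a raw attestation report.
func ReportedTCB(report []byte) (TCBVersion, error) {
	if len(report) < reportSize {
		return TCBVersion{}, fmt.Errorf("report too short: %d bytes, want %d", len(report), reportSize)
	}
	raw := binary.LittleEndian.Uint64(report[reportedTCBOffset : reportedTCBOffset+8])
	return ParseTCBVersion(raw), nil
}

// MinimumGCP2025007 is the floor stated in bulletin GCP-2025-007. The bulletin gives
// no TEE minimum, so TEE is left at 0 (assumption: effectively not checked).
var MinimumGCP2025007 = TCBVersion{BootLoader: 4, TEE: 0, SNP: 24, Microcode: 219}

// CheckGCP2025007 returns nil when the report's REPORTED_TCB meets the bulletin's minimum.
func CheckGCP2025007(report []byte) error {
	tcb, err := ReportedTCB(report)
	if err != nil {
		return err
	}
	if !tcb.AtLeast(MinimumGCP2025007) {
		return fmt.Errorf("REPORTED_TCB %+v is below the GCP-2025-007 minimum %+v", tcb, MinimumGCP2025007)
	}
	return nil
}

// constructedReport builds a zero-filled report with only REPORTED_TCB populated.
// This is constructed sample input for the example, not a report from a real machine.
func constructedReport(tcb TCBVersion) []byte {
	r := make([]byte, reportSize)
	raw := uint64(tcb.BootLoader) | uint64(tcb.TEE)<<8 | uint64(tcb.SNP)<<48 | uint64(tcb.Microcode)<<56
	binary.LittleEndian.PutUint64(r[reportedTCBOffset:], raw)
	return r
}

func main() {
	fixed := constructedReport(TCBVersion{BootLoader: 4, SNP: 24, Microcode: 219})
	oldSNP := constructedReport(TCBVersion{BootLoader: 4, SNP: 23, Microcode: 220})
	fmt.Println("fixed TCB:      ", CheckGCP2025007(fixed))
	fmt.Println("old SNP firmware:", CheckGCP2025007(oldSNP))
}
```

The second constructed report has newer microcode but older SNP firmware; it packs to a numerically larger u64 than the minimum yet still fails, which is why the check compares components rather than the raw 64-bit value. On a real instance the same logic applies to the report returned by the guest's /dev/sev-guest interface after its VCEK signature has been verified.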

GCP-2024-046

Published: 2024-08-05

Description:

AMD has notified Google of three new firmware vulnerabilities (two of medium severity, one of high severity) affecting SEV-SNP on 3rd generation (Milan) and 4th generation (Genoa) AMD EPYC CPUs.

Google has applied fixes to the affected assets, including Google Cloud, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google.

What should I do?

No customer action is required. Fixes have already been applied to the Google server fleet.

For more information, see AMD security bulletin AMD-SB-3011.

Severity: Medium–High

Notes:
CVE-2023-31355
CVE-2024-21978
CVE-2024-21980

GCP-2024-009

Published: 2024-02-13

Description:

On February 13, 2024, AMD disclosed two vulnerabilities affecting SEV-SNP on EPYC CPUs of the third generation ("Milan", Zen 3 cores) and fourth generation ("Genoa", Zen 4 cores). The vulnerabilities allow a privileged attacker to read stale data belonging to a guest or to cause a loss of guest integrity.

Google has applied fixes to affected assets, including Google Cloud, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google.

What should I do?

No customer action is required. Fixes have already been applied to the Google server fleet for Google Cloud, including Compute Engine.

For more information, see AMD security bulletin AMD-SB-3007.

Severity: Medium

Notes:
CVE-2023-31346
CVE-2023-31347