CVE-2021-26342: 
Linux openSUSE vulnerability analysis and mitigation

CVE-2021-26342 is a vulnerability affecting AMD SEV guest VMs, discovered and disclosed by AMD. The vulnerability involves a failure in the CPU's Translation Lookaside Buffer (TLB) flushing mechanism following specific operations including the creation of a new virtual machine control block (VMCB). This vulnerability affects various AMD EPYC processors, though users of SEV-ES/SEV-SNP guest VMs are not impacted (AMD Advisory).

The vulnerability occurs when the CPU fails to properly flush the Translation Lookaside Buffer following a particular sequence of operations involving VMCB creation. This failure can result in the microcode using stale TLB translations. The vulnerability has been assigned a CVSS v3.1 base score of 3.3 (LOW) with a vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, indicating local access is required and the impact is primarily limited to confidentiality (NVD).

The primary impact of this vulnerability is the potential disclosure of SEV guest memory contents due to the use of stale TLB translations. The vulnerability only affects confidentiality with no impact on integrity or availability of the system (NVD).

AMD has released firmware updates to address this vulnerability. The fix is included in naplespi-sp31.0.0.h for Naples processors and milanpi-sp31.0.0.7 for Milan processors (AMD Advisory).