What is GCP-2026-021?

GCP-2026-021 is a security advisory published by Google Cloud Security Bulletins with Medium severity. GCP-2026-021 — Published: 2026-04-14Description Description Severity Notes AMD reported a vulnerability in its firmware that could have allowed a…

Which CVE IDs does GCP-2026-021 cover?

GCP-2026-021 covers the following CVE IDs: CVE-2023-20585. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GCP-2026-021Medium

GCP-2026-021 — Published: 2026-04-14Description Description Severity Notes AMD reported a vulnerability in its firmware that could have allowed a…

Vendor

Google Cloud Security Bulletins

Published

May 20, 2026

Last Modified

—

🔗 CVE IDs covered (1)

CVE-2023-20585 →

📋 Description

Published: 2026-04-14Description Description Severity Notes AMD reported a vulnerability in its firmware that could have allowed a malicious hypervisor to direct the IOMMU to write into the guest memory of AMD SEV-SNP enabled instances, compromising guest data integrity. Google rolled out a mitigation to vulnerable Confidential VM instances with AMD SEV-SNP enabled. What should I do? No customer action is needed. The mitigation has already been applied to Confidential VM instances with AMD SEV-SNP enabled. For more information, see AMD advisory AMD-SB-3016. Medium CVE-2023-20585

🔗 References (1)

advisoryhttps://docs.cloud.google.com/support/bulletins/index#gcp-2026-021