GCP-2026-031 — Published: 2026-05-12Description Description Severity Notes Researchers discovered a vulnerability in AMD firmware that, due to missing…

Published: 2026-05-12Description Description Severity Notes Researchers discovered a vulnerability in AMD firmware that, due to missing protection, could allow a malicious hypervisor to execute arbitrary code on the AMD Secure Processor (ASP). This allows for the escalation of Memory Mapped I/O (MMIO) read and write permissions, which compromises the confidentiality and integrity of SEV-SNP guests. For more information, see the Compute Engine security bulletin. Medium CVE-2025-61971 CVE-2025-61972 CVE-2024-36315