Two attacks disclosed against AMD’s SEV virtual machine protection system
Chipmaker AMD has issued guidance this week for two attacks against its SEV (Secure Encrypted Virtualization) technology that protects virtual machines from rogue operating systems.
The two attacks, documented in two academic papers, can allow a threat actor to inject malicious code inside SEV-encrypted virtual machines, giving them full control over the VM’s operating system.
The two attacks, SEVurity and undeSErVed, work not only against AMD CPUs protected by SEV but also SEV-ES (Secure Encrypted Virtualization-Encrypted State), an improved version of the technology that AMD released in 2017, a year after adding SEV to its CPUs.
AMD says EPYC CPU line is impacted
In a security bulletin released on Patch Tuesday, AMD confirmed the two attacks for the first time.
The company said that all AMD EPYC processors are impacted by these attacks. This includes 1st, 2nd, 3rd generation, and embedded EPYC processors, a CPU line typically used in data center servers.
The chipmaker said that companies who use AMD CPUs to host virtualized environments for employees/customers should activate SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging), its latest version of the SEV technology, which it launched in 2020 [see PDF].
“The mitigation requires the use of SEV-SNP, which is only supported on 3rd Gen AMD EPYC,” the company said.
Since prior generations of EPYC processors do not support SEV-SNP, the chipmaker advised customers to follow security best practices and avoid a compromise of the host OS, the operating system that runs the SEV-protected VM.
The chipmaker released its security advisory this week because the two attacks and their research papers are scheduled to be presented at the WOOT ’21 security conference at the end of this month; when they’re likely to gain more attention from the general public.
While in the past two years most CPU attacks have primarily targeted Intel CPUs, which have a much larger market share, AMD has had to deal with its own set of issues as well.
Last month, the chipmaker admitted that its Zen 3 CPUs were vulnerable to Spectre-like attacks via the processor’s PSF feature.
In June 2020, the company also admitted that its AMD Accelerated Processing Unit (APU) processors released between 2016 and 2019 were impacted by “SMM Callout” bugs.
Earlier this month, AMD denied that its CPUs were impacted by an attack that bypassed the patches for the original 2018 Spectre attack, detailed in a paper called “I see dead µops: leaking secrets via Intel/AMD micro-op caches” [PDF].