Security vulnerabilities have been disclosed in AMD’s secure encrypted virtualization (SEV), and attackers can load malicious CPU microcodes under certain conditions.
The defect tracked as the CVE-2024-56161 has a 7.2 CVSS score out of 10.0, indicating a high degree of severity.
“Inappropriate signature verification of the AMD CPU ROM microcode patch loader, a confidential guest run under AMD SEV-SNP by loading malicious CPU microcodes by an attacker with local administrators privileges. AMD states in the advisory, “which can cause confidentiality and consistency loss.
The chip manufacturer praised the defect on September 25, 2024 and praised Google Security Researchers Josh Eads, KristOffer Junke, Eduardo Vela, Tavis Ormandy, and Matteo Rizzo.
SEV is a security function that separates virtual machines (VM) and hypervisor with each other using a unique key for each virtual machine. SNP, which stands for safe nested paging, incorporates memory consistency protection, creates an isolated execution environment and protects hypervisor -based attacks.
“SEV-SNP has introduced some additional security enhancement of some additional options designed to support additional VM models, providing strong protection, focusing on interrupt behavior, and recently disclosed side channel. We provide an increase in protection against attacks. “
In another bulletin, Google pointed out that CVE-2024-56161 is the result of the non-secure hash function in the microcode renewal signing verification, and the enemy opens a door to a scenario that infringes confidential computing workloads. did.
The company has also released a test payload to demonstrate the vulnerabilities, but has more technical details to give enough time for correction to be transmitted to the entire “Deep Supply Chain”. Is postponed month.
Source link
