AMD closes serious microcode vulnerability – via microcode update

On cloud servers with Epyc processors, the RAM encryption that seals off virtual machines from one another can be bypassed. The first updates are available.

Server-CPU AMD Epyc 7763

(Image: c’t Magazin)

The Secure Encrypted Virtualization (SEV) function of AMD server processors is less secure than the name suggests: Google researchers found that Epyc processors are sloppy when it comes to signature verification of microcode updates.

Because such microcode updates intervene deeply in CPU functions, they enable serious manipulations. The Google team published a proof of concept (PoC) that breaks the RDRAND instruction: instead of a random number, it always returns the value 4. This weakens cryptographic algorithms that use RDRAND, which in turn can be used to defeat the aforementioned SEV RAM encryption. SEV is used, among other things, to securely separate virtual machines (VMs) running in parallel on the same server, for example for confidential computing.
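A defensive sanity check for the failure mode described above, added here as an example (it is not code from the article, from AMD or from the Google PoC): it draws repeated RDRAND values and flags a source that returns the same value twice in a row. The names `check_source`, `rdrand_draw` and the constructed stand-in samplers are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A sampler stores one value in *out; returns 1 on success, 0 if no data. */
typedef int (*sampler_fn)(uint64_t *out);
enum rng_verdict { RNG_OK, RNG_STUCK, RNG_UNAVAILABLE };

/* Repetition check: a sound 64-bit source repeats a value back to back
 * with probability 2^-64, so one consecutive repeat is treated as a fault. */
enum rng_verdict check_source(sampler_fn draw, size_t n) {
    uint64_t prev = 0, cur = 0;
    size_t good = 0;
    for (size_t i = 0; i < n; i++) {
        if (!draw(&cur)) continue;               /* source reported failure */
        if (good > 0 && cur == prev) return RNG_STUCK;
        prev = cur;
        good++;
    }
    return good >= 2 ? RNG_OK : RNG_UNAVAILABLE;
}

/* Constructed samplers, standing in for hardware in tests. */
int stuck_at_4(uint64_t *out) { *out = 4; return 1; }  /* always 4, as in the PoC */
int never_ready(uint64_t *out) { (void)out; return 0; }
int lcg_draw(uint64_t *out) {                    /* varying, NOT cryptographic */
    static uint64_t s = 1;
    s = s * 6364136223846793005ULL + 1442695040888963407ULL;
    *out = s;
    return 1;
}

#if defined(__x86_64__) && defined(__GNUC__)
#include <cpuid.h>
int rdrand_draw(uint64_t *out) {                 /* CF=1 means valid data */
    unsigned char cf;
    __asm__ volatile("rdrand %0; setc %1" : "=r"(*out), "=qm"(cf) : : "cc");
    return cf;
}
int main(void) {
    unsigned a, b, c, d;
    if (!__get_cpuid(1, &a, &b, &c, &d) || !(c & (1u << 30))) {
        puts("RDRAND not supported");            /* CPUID.01H:ECX bit 30 */
        return 2;
    }
    enum rng_verdict v = check_source(rdrand_draw, 1024);
    puts(v == RNG_OK ? "ok" : v == RNG_STUCK ? "STUCK" : "unavailable");
    return v;
}
#endif
```

The check only catches a source stuck on one value; a manipulated generator that returns varying but predictable output passes it, so it does not replace the microcode and firmware updates.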

Google itself uses AMD SEV (or SEV-SNP), for example, to synchronize passkeys between different devices of logged-in Google users (Google Password Manager, GPM). The actual passkeys are not synchronized at all, but only exist in secure enclaves on cloud servers.

To inject a manipulated microcode update into an Epyc processor, the attacker must have administrator rights. However, confidential computing functions such as AMD SEV, Intel SGX/TDX or ARMv9-CCA aim to deny administrators access to protected data by creating Trusted Execution Environments (TEEs) with cryptographically verifiable operating status (remote attestation).

In theory, users of such TEEs only have to trust the manufacturer of the respective CPU, who embeds the signature chain for remote attestation in its hardware and firmware.

Because these security functions are so important, many experts are working on them. Gaps are frequently discovered.

AMD describes the "SEV Confidential Computing Vulnerability" in AMD Security Bulletin AMD-SB-3019; it is also tracked as CVE-2024-56161. The risk was classified as high with 7.2 points.

According to the bulletin, the Epyc series 7001 (Naples), 7002 (Rome), 7003 (Milan/Milan-X) and 9004 (Genoa, Genoa-X, Bergamo, Siena) are affected.

The microcode updates can also be distributed to the servers via the update functions of the operating systems. However, additional BIOS updates are required for the remote attestation for SEV-SNP to function correctly. AMD has already distributed these to server and mainboard manufacturers in the form of new AGESA firmware modules. Some companies are already providing BIOS updates:

According to Supermicro, they are working on it.

Asus had already inadvertently released BIOS updates at the end of January with reference to an AMD Microcode Signature Verification Vulnerability.

(ciw)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.