AMD has unveiled patches for a microprocessor flaw that could potentially compromise Secure Encrypted Virtualization (SEV) protection, allowing attackers to insert malicious microcode into AMD CPU read-only memory, as per the advisory released by AMD. This vulnerability, identified as CVE-2024-56161 with a CVSS score of 7.2, is attributed to an improper signature verification in the microcode patch loader.
The exploitation of this security flaw could grant an attacker with local administrator privileges the ability to inject malicious CPU microcode, ultimately jeopardizing the confidentiality and integrity of a confidential guest operating under AMD SEV-SNP. Since microcode is generally loaded during boot, the insertion of malicious microcode could enable attackers to manipulate CPU functionality.
To counteract the potential risks associated with this vulnerability, AMD has implemented mitigations to prevent the loading of malicious microcode. Additionally, the company has cautioned that SEV-SNP attestation support necessitates an SEV firmware update on specific platforms. By updating the system BIOS image and rebooting the platform, users can activate the mitigation and enable a confidential guest to verify its implementation through the SEV-SNP attestation report.
In response to the vulnerability’s discovery, AMD has distributed AGESA updates to original equipment manufacturers (OEMs) to address the flaw, prompting each OEM to issue BIOS updates to their respective users. The flaw came to light last week when Asus inadvertently disclosed the fix within the release notes for a beta BIOS update for select motherboards, detailing it as a microcode signature verification issue.
The vulnerability was initially reported to AMD in September and subsequently rectified by the chip manufacturer, who disseminated the fix to OEM partners in December, preceding the public disclosure by approximately 45 days. Google’s security researchers, acknowledged for bringing the vulnerability to light, have emphasized that the bug could be exploited by an attacker with root access from outside a virtual machine to introduce malicious microcode patches.
Furthermore, Google’s researchers assert that the CPU flaw stems from the use of an insecure hash function in the signature validation process for microcode updates, rendering it susceptible to exploitation for compromising confidential computing workloads protected by the latest iteration of AMD Secure Encrypted Virtualization. Notably, the researchers collaborated with AMD on the public disclosure of the vulnerability and intend to divulge additional details regarding the bug in early March.
In conjunction with addressing the CPU vulnerability, AMD has also acknowledged a cache-based side-channel attack against SEV flagged by academics from National Taiwan University. The academia recommended software developers adhere to security best practices and adhere to public guidance regarding Spectre-type attacks to mitigate the potential risks associated with these security threats.
Overall, AMD’s proactive measures in addressing the CPU vulnerability underscore the company’s commitment to bolstering the security and integrity of its products amidst evolving cybersecurity threats. By promptly addressing security flaws and collaborating with industry stakeholders, AMD aims to fortify its defense mechanisms and safeguard users against potential security breaches.