AMD on Monday announced patches for a microprocessor vulnerability that could lead to loss of Secure Encrypted Virtualization (SEV) protection, allowing attackers to load malicious microcode.
Tracked as CVE-2024-56161 (CVSS score of 7.2), the bug is described as an improper signature verification in the microcode patch loader on the AMD CPU read-only memory.
The security defect “may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP,” AMD explains in its advisory.
Given that microcode is typically loaded at boot, loading malicious microcode could allow attackers to tamper with the CPU functionality.
AMD rolled out mitigations to prevent the loading of malicious microcode, warning that SEV-SNP attestation support requires an SEV firmware update on some platforms.
“Updating the system BIOS image and rebooting the platform will enable attestation of the mitigation. A confidential guest can verify the mitigation has been enabled on the target platform through the SEV-SNP attestation report,” AMD explains.
The chip maker has released AGESA (AMD Generic Encapsulated Software Architecture) updates to OEM makers to address the flaw, and each OEM should release BIOS updates to its users.
Wind of the vulnerability was caught last week, after PC maker Asus inadvertently mentioned the fix for it in the release notes for a beta BIOS update for some of its motherboards, describing it as a microcode signature verification issue.
Google security researchers, who were credited for reporting the vulnerability, explain that the bug can be exploited by an attacker with root access from outside a virtual machine to load malicious microcode patches.
“The vulnerability is that the CPU uses an insecure hash function in the signature validation for microcode updates. This vulnerability could be used by an adversary to compromise confidential computing workloads protected by the newest version of AMD Secure Encrypted Virtualization, SEV-SNP or to compromise Dynamic Root of Trust Measurement,” the researchers say.
The issue was reported to AMD in September and the chip maker sent the fix to OEM partners in December, roughly 45 days before the public disclosure. Google’s researchers, who coordinated with AMD for public disclosure, will share additional details on the bug in early March.
On Monday, AMD also announced that it has received a report from National Taiwan University academics on cache-based side-channel attacks against SEV, recommending that software developers employ security best practices and follow public guidance on Spectre-type attacks to mitigate the issues.
Related: New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones
Related: Intel Core Ultra vPro Platform Brings New Security Features
Related: Flaws in Accusoft ImageGear Expose Users to Remote Attacks
Related: Hybrid Networks Are a Business Reality – and Most Security Can’t Keep Up
