A security flaw has been disclosed in AMD's Secure Encrypted Virtualization (SEV) that could allow an attacker to load malicious CPU microcode under specific conditions.
The weakness, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity.
According to AMD's advisory, "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP."
The chipmaker credited Google security researchers Josh Eads, Kristoffer Janke, Eduardo Vela, Tavis Ormandy, and Matteo Rizzo with discovering and reporting the flaw on September 25, 2024.
SEV is a security feature that isolates virtual machines (VMs) from one another and from the host by encrypting each VM's memory with its own key. SNP, which stands for Secure Nested Paging, builds on this by adding memory integrity protections in order to create an isolated execution environment and defend against hypervisor-based attacks.
According to AMD, "SEV-SNP also introduces several additional optional security enhancements designed to support additional VM use models, offer stronger protection around interrupt behavior, and offer increased protection against recently disclosed side channel attacks."
According to a separate bulletin from Google, CVE-2024-56161 stems from the use of an insecure hash function in the signature validation for microcode updates, which opens the door to a scenario in which an attacker with local administrator privileges could load attacker-crafted microcode and compromise confidential computing workloads.
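The page does not say which hash function was used, and the example below is not AMD's scheme or Google's proof of concept. It is an added illustration of the general failure mode Google describes: a signature over a digest is only as strong as that digest's second-preimage resistance. Everything here is hypothetical: `weak_digest` is a made-up linear checksum standing in for an insecure hash, `VENDOR_KEY` and the HMAC-based `vendor_sign`/`loader_verify` pair stand in for the vendor's private key and the loader's public-key check (so the example runs without a public-key library), and the two payloads are constructed sample bytes, not real microcode. The attacker never learns the key; they reuse the genuine signature on a forged payload engineered to have the same digest.

```python
import hashlib
import hmac
import struct

# Hypothetical vendor signing key. Stands in for the private key only the
# vendor holds; the attacker in this example never sees it.
VENDOR_KEY = b"vendor-signing-key-stand-in"


def weak_digest(data: bytes) -> bytes:
    """Hypothetical insecure hash: XOR of the payload's 4-byte words.

    It is linear, so anyone can append one word to fix the digest to any
    target value. This is a made-up stand-in, not the real hash.
    """
    data = data + b"\x00" * (-len(data) % 4)   # pad to a whole word
    acc = 0
    for (word,) in struct.iter_unpack("<I", data):
        acc ^= word
    return struct.pack("<I", acc)


def strong_digest(data: bytes) -> bytes:
    """Second-preimage-resistant digest: SHA-256."""
    return hashlib.sha256(data).digest()


def vendor_sign(payload: bytes, digest_fn) -> bytes:
    """Stand-in for the vendor signing digest_fn(payload) with its private key."""
    return hmac.new(VENDOR_KEY, digest_fn(payload), hashlib.sha256).digest()


def loader_verify(payload: bytes, signature: bytes, digest_fn) -> bool:
    """Stand-in for the patch loader checking the signature over the digest."""
    expected = vendor_sign(payload, digest_fn)
    return hmac.compare_digest(expected, signature)


def forge_payload(genuine: bytes, malicious_body: bytes) -> bytes:
    """Second preimage against weak_digest: attacker-chosen content plus one
    fix-up word so the forged payload's weak_digest equals the genuine one."""
    body = malicious_body + b"\x00" * (-len(malicious_body) % 4)
    target = struct.unpack("<I", weak_digest(genuine))[0]
    current = struct.unpack("<I", weak_digest(body))[0]
    fixup = struct.pack("<I", target ^ current)   # XOR cancels the difference
    return body + fixup


def demo() -> dict:
    # Constructed sample payloads; not real microcode.
    genuine = b"GENUINE MICROCODE PATCH v1\x00"
    malicious = b"MALICIOUS MICROCODE PATCH\x00"

    # The vendor signs the genuine patch once under each digest scheme.
    sig_weak = vendor_sign(genuine, weak_digest)
    sig_strong = vendor_sign(genuine, strong_digest)

    # The attacker reuses the genuine signatures on a forged payload.
    forged = forge_payload(genuine, malicious)

    return {
        "genuine_weak": loader_verify(genuine, sig_weak, weak_digest),
        "forged_weak": loader_verify(forged, sig_weak, weak_digest),
        "genuine_strong": loader_verify(genuine, sig_strong, strong_digest),
        "forged_strong": loader_verify(forged, sig_strong, strong_digest),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:15s} accepted={accepted}")
```

With the weak digest the loader accepts the forged patch using the vendor's unmodified signature; with SHA-256 the same forgery is rejected. Replacing the signature algorithm or key length would not help here: the break is entirely in the digest step, which is the point the Google bulletin makes.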
Google has also released a test payload to demonstrate the vulnerability, but is withholding additional technical details for another month to give the fix time to propagate through the "deep supply chain."