Vulnerabilities in the implementation of AMD SEV technology affecting AMD EPYC processors

AMD has warned of two identified attack methods that bypass the AMD SEV (Secure Encrypted Virtualization) protection mechanism. The problem affects the first, second and third generations of AMD EPYC processors (based on the Zen1 – Zen3 microarchitectures), as well as embedded AMD EPYC processors.

AMD SEV provides transparent hardware-level encryption of virtual machine memory: only the current guest system has access to the decrypted data, while the other virtual machines and the hypervisor receive only an encrypted data set when they attempt to access this memory. The identified problems allow an attacker who has administrator rights on the server and controls the operation of the hypervisor to bypass the AMD SEV restrictions and execute their code in the context of protected virtual machines.

Identified problems:

  • CVE-2021-26311 (the undeSErVed attack) – by manipulating the order of memory blocks in the guest system's address space, an attacker who controls the hypervisor can execute their own code in the guest virtual machine despite the use of AMD SEV / SEV-ES protection. The researchers prepared a prototype of a universal exploit that regroups the blocks of the loaded UEFI firmware and uses the return-oriented programming technique (ROP) to run arbitrary code.
  • CVE-2020-12967 (the SEVerity attack) – the lack of proper protection of nested page tables in AMD SEV / SEV-ES allows an attacker with access to the hypervisor to inject code into the guest system's kernel and transfer control to it. The method makes it possible to gain complete control over the protected guest system and extract confidential data from it.
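As an added illustration (not code from the advisory or from the researchers), a toy Python model of why the first problem goes undetected: a launch measurement that hashes only page contents cannot tell the intended layout from one in which the hypervisor has exchanged the guest physical addresses of two pages, whereas a measurement that binds each page's hash to its address, in the spirit of the page-placement checks SEV-SNP adds, does. The page layout, addresses and digest formats here are simplified assumptions, not AMD's real measurement format.

```python
import hashlib
from typing import Callable, List, Tuple

Page = Tuple[int, bytes]  # (guest physical address, page content)
PAGE_SIZE = 4096

# Constructed sample guest image: four fake 4 KiB pages standing in for the
# UEFI blocks of a guest, each at the address the guest owner intends.
INTENDED_LAYOUT: List[Page] = [
    (0x0000, b"A" * PAGE_SIZE),
    (0x1000, b"B" * PAGE_SIZE),
    (0x2000, b"C" * PAGE_SIZE),
    (0x3000, b"D" * PAGE_SIZE),
]


def content_only_digest(layout: List[Page]) -> str:
    """Simplified model of a launch digest that hashes page contents in the
    order the hypervisor submits them; the address is deliberately ignored."""
    h = hashlib.sha256()
    for _gpa, data in layout:
        h.update(data)
    return h.hexdigest()


def placement_bound_digest(layout: List[Page]) -> str:
    """Simplified model of a digest that binds each page's hash to the guest
    physical address it is placed at (assumed format: 8-byte LE gpa || hash)."""
    h = hashlib.sha256()
    for gpa, data in layout:
        h.update(gpa.to_bytes(8, "little") + hashlib.sha256(data).digest())
    return h.hexdigest()


def swap_placement(layout: List[Page], i: int, j: int) -> List[Page]:
    """Model a hypervisor that submits pages in the expected order but maps
    page i to page j's guest physical address and vice versa."""
    swapped = list(layout)
    swapped[i] = (layout[j][0], layout[i][1])
    swapped[j] = (layout[i][0], layout[j][1])
    return swapped


def attestation_detects_reordering(measure: Callable[[List[Page]], str]) -> bool:
    """True if the measurement distinguishes the intended layout from one in
    which two pages have exchanged guest physical addresses."""
    tampered = swap_placement(INTENDED_LAYOUT, 1, 2)
    return measure(INTENDED_LAYOUT) != measure(tampered)
```

Running `attestation_detects_reordering` with each digest function shows the content-only model accepting the reordered layout and the placement-bound model rejecting it.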

To counter the proposed attack methods, AMD has prepared the SEV-SNP (Secure Nested Paging) extension, available as a firmware update for the third generation of AMD EPYC processors, which ensures secure handling of nested page tables. In addition to general memory encryption and the SEV-ES (Encrypted State) extension that protects the CPU registers, SEV-SNP implements additional memory integrity protection capable of withstanding attacks from the hypervisor and providing additional protection against side-channel attacks.

/Media reports.