An international group of researchers has discovered a serious vulnerability in the security features of AMD EPYC 7003 processors that allows attackers to circumvent virtual machine protection mechanisms. The attack, called BadRAM, can fully compromise AMD Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), a technology widely used by major cloud providers such as Amazon AWS, Google Cloud, and Microsoft Azure.
In cloud computing, confidential data such as medical records, financial information, and privileged legal documents are stored on servers in data centers thousands of kilometers away from the companies responsible for protecting them. To address this concern, chip manufacturers began embedding protective mechanisms directly into silicon so that data remains safeguarded even if the server is physically tampered with or infected by malware.
The BadRAM attack targets AMD EPYC 7003 processors and defeats the SEV-SNP feature that is designed to cryptographically verify the integrity of virtual machines, precisely to prevent compromise by individuals with physical access to the server. The attack can be carried out by a server administrator in a matter of minutes using inexpensive equipment or software, so that the cryptographic attestation SEV-SNP generates to confirm system integrity fails to reveal that a virtual machine has been compromised.
With the increasing use of encryption to protect sensitive data in RAM, especially in cloud environments where the risk of data breaches is high, AMD SEV technology aims to provide confidentiality and isolation for virtual machine memory in order to thwart such attacks. The BadRAM attack, however, shows that the SEV-SNP protection mechanism can be bypassed by manipulating the SPD (Serial Presence Detect) chip built into commodity DRAM modules, allowing attackers to plant backdoors inside protected virtual machines.
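The article states only that the SPD chip is manipulated; in the published BadRAM research the rewritten SPD makes a module declare more capacity than it physically contains. A defender-side consistency check that follows from this is shown below. It is an added example written for this page, not code from the researchers or from AMD, and it makes two assumptions: the JEDEC DDR4 SPD byte layout (bytes 2, 4, 12 and 13) for decoding declared capacity, and an out-of-band inventory record as the trusted expected value, because BIOS and OS memory maps are themselves derived from the SPD data under suspicion. The SPD images are constructed sample data, not dumps from real modules, and reading SPD from live hardware (for example over SMBus) is out of scope here.

```python
# Added example: consistency check of DDR4 SPD-declared DIMM capacity against
# an out-of-band inventory record. Not code from the BadRAM paper or from AMD.
# Assumes the JEDEC DDR4 SPD byte layout (bytes 2, 4, 12 and 13) and that the
# inventory value is trusted (e.g. from purchase records), since the OS and
# BIOS derive the memory map from the very SPD data being checked.

DDR4_DEVICE_TYPE = 0x0C  # SPD byte 2 value for DDR4 SDRAM

# SPD byte 4 bits 3:0 -> per-die density in Mb (JEDEC DDR4 SPD Annex L)
DENSITY_MB = {0: 256, 1: 512, 2: 1024, 3: 2048, 4: 4096,
              5: 8192, 6: 16384, 7: 32768, 8: 12288, 9: 24576}
DEVICE_WIDTH = {0: 4, 1: 8, 2: 16, 3: 32}      # byte 12 bits 2:0, bits per device
BUS_WIDTH = {0: 8, 1: 16, 2: 32, 3: 64}        # byte 13 bits 2:0, primary bus width


def decode_ddr4_capacity_mb(spd: bytes) -> int:
    """Return the module capacity in MB that this SPD image declares."""
    if len(spd) < 14 or spd[2] != DDR4_DEVICE_TYPE:
        raise ValueError("not a DDR4 SPD image")
    density = DENSITY_MB[spd[4] & 0x0F]
    dev_width = DEVICE_WIDTH[spd[12] & 0x07]
    ranks = ((spd[12] >> 3) & 0x07) + 1          # byte 12 bits 5:3 = ranks - 1
    bus_width = BUS_WIDTH[spd[13] & 0x07]
    # MB per die = density / 8; devices per rank = bus width / device width
    return density // 8 * (bus_width // dev_width) * ranks


def check_against_inventory(spd: bytes, expected_mb: int) -> list:
    """Return a list of findings; an empty list means the SPD is consistent."""
    findings = []
    declared = decode_ddr4_capacity_mb(spd)
    if declared != expected_mb:
        findings.append(
            f"SPD declares {declared} MB but inventory record says {expected_mb} MB")
    return findings


def _build_spd(density_code: int, width_code: int, ranks: int, bus_code: int) -> bytes:
    """Construct a minimal 512-byte DDR4 SPD image (constructed sample data)."""
    spd = bytearray(512)
    spd[2] = DDR4_DEVICE_TYPE
    spd[4] = density_code & 0x0F
    spd[12] = ((ranks - 1) << 3) | width_code
    spd[13] = bus_code
    return bytes(spd)


# Constructed samples: a genuine 16 GB dual-rank x8 DIMM built from 8 Gb dies,
# and the same image with the density field rewritten to 16 Gb so that the
# module declares 32 GB while still containing only 16 GB of real memory.
GENUINE_SPD = _build_spd(density_code=5, width_code=1, ranks=2, bus_code=3)
TAMPERED_SPD = _build_spd(density_code=6, width_code=1, ranks=2, bus_code=3)

if __name__ == "__main__":
    for name, spd in (("genuine", GENUINE_SPD), ("tampered", TAMPERED_SPD)):
        print(name, decode_ddr4_capacity_mb(spd), "MB",
              check_against_inventory(spd, 16384))
```

A mismatch between declared and recorded capacity is a strong signal that the SPD contents have been altered, but this check is only a complement to vendor firmware mitigations: the SPD's own checksum offers no protection here, since whoever rewrites the SPD can recompute it, and the inventory value must come from a source the attacker cannot also edit.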