Source URL: https://www.theregister.com/2024/12/10/amd_secure_vm_tech_undone/
Source: The Register
Title: AMD secure VM tech undone by DRAM meddling
Feedly Summary: Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory
Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that.…
**Summary:** The text discusses a significant vulnerability in AMD’s Secure Encrypted Virtualization (SEV) technology, where researchers demonstrated that the security of virtual machine memory can be bypassed using relatively inexpensive hardware. This finding is critical for security professionals, particularly in cloud computing environments, as it undermines the trust in SEV and could expose sensitive data managed by cloud service providers.
**Detailed Description:**
The research conducted by scholars from KU Leuven, the University of Lübeck, and the University of Birmingham reveals vulnerabilities in AMD’s SEV technology, specifically its enhanced version known as SEV-SNP. Here are the key points raised in the text:
- **Overview of SEV Technology:**
  - AMD’s Secure Encrypted Virtualization (SEV) provides a Trusted Execution Environment (TEE) to protect computation and memory, similar to Intel SGX and Arm CCA.
  - These technologies are designed to prevent unauthorized access to virtual machine memory in cloud environments.
- **Discoveries of the Research Team:**
  - Researchers created an attack called BadRAM that bypasses SEV-SNP protections using a Raspberry Pi Pico and other basic hardware components.
  - The attack works by manipulating the SPD (Serial Presence Detect) chip on memory modules to create aliases for physical memory, thus allowing attackers to access sensitive data.
- **Significance of the Findings:**
  - This attack undermines the integrity claims of SEV-SNP, as it can potentially allow malicious users with physical access (or even limited remote access) to compromise VMs protected by SEV.
  - By leveraging the vulnerabilities in memory modules, attackers can manipulate memory addressing to expose secrets and introduce backdoors in software protected by SEV.
- **Impact on Various Technologies:**
  - Intel’s Scalable SGX and TDX are noted as not affected due to existing countermeasures against memory aliasing.
  - Some DDR4 and DDR5 memory modules could be vulnerable due to improper locking of their SPD configurations, raising concerns about widespread usage in cloud services.
- **Recommendations and Response:**
  - AMD has acknowledged the vulnerability, associated with CVE-2024-21944, and plans to offer advisories and firmware updates.
  - The research emphasizes the importance of utilizing memory modules with protected SPD and adhering to best physical security practices.
- **Future Presentation:**
  - The findings will be formally presented at the 2025 IEEE Symposium on Security and Privacy, indicating continued research interest and the need for ongoing vigilance in the security of cloud infrastructures.
This vulnerability not only poses a threat to AMD’s SEV technology but also serves as a reminder for cloud service providers and security professionals to rigorously assess the trustworthiness of virtual environments and the underlying hardware infrastructure managing sensitive data.
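
The memory aliasing described above, and one generic way a boot-time check can detect it, are modelled in the following added example. It is not code from the researchers, AMD or Intel; the toy module size, `dimm_t`, `decode` and `find_alias_bit` are assumptions made for illustration, and real DRAM address mapping is more complex than this single-base probe.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model: the module really stores 2^REAL_BITS bytes, but its SPD
 * data may claim more address bits. Bits above the real capacity are ignored,
 * so two processor-visible addresses can select the same cell (an alias). */
#define REAL_BITS 16u
static uint8_t cells[1u << REAL_BITS];

typedef struct { unsigned reported_bits; } dimm_t;  /* size claimed via SPD */

static uint8_t *decode(uint32_t addr) {
    return &cells[addr & ((1u << REAL_BITS) - 1u)];  /* upper bits dropped */
}
static void mem_write(uint32_t a, uint8_t v) { *decode(a) = v; }
static uint8_t mem_read(uint32_t a) { return *decode(a); }

/* Boot-time probe: for every address bit the module claims to decode, write
 * different markers at address 0 and at (1 << bit). If the first marker was
 * overwritten, both addresses reach the same cell. Returns the lowest aliased
 * bit, or -1 when every claimed bit is really decoded. */
int find_alias_bit(const dimm_t *d) {
    for (unsigned bit = 0; bit < d->reported_bits; bit++) {
        uint32_t a = 0, b = 1u << bit;
        uint8_t save_a = mem_read(a), save_b = mem_read(b);
        mem_write(a, 0xA5);
        mem_write(b, 0x5A);
        int aliased = (mem_read(a) != 0xA5);
        mem_write(b, save_b);   /* restore original contents */
        mem_write(a, save_a);
        if (aliased) return (int)bit;
    }
    return -1;
}

int main(void) {
    dimm_t honest = { REAL_BITS };        /* reports its true size */
    dimm_t inflated = { REAL_BITS + 1 };  /* reports double its true size */
    printf("honest module:   alias bit %d\n", find_alias_bit(&honest));
    printf("inflated module: alias bit %d\n", find_alias_bit(&inflated));
    return 0;
}
```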