AMD VM security tools can be bypassed, allowing hackers to infiltrate your devices, experts warn
- University researchers find a way to trick AMD’s secure VM technology into sharing sensitive information
- AMD has released a security advisory with recommended solutions
- The bug requires physical access, but in some scenarios can only be exploited via software
AMD Virtual Machine (VM) security tools can be bypassed, allowing cybercriminals to infiltrate devices and steal sensitive data, experts warn.
Security researchers from multiple universities in the EU and UK outlined how AMD chips come with Secure Encrypted Virtualization (SEV), a security feature designed to encrypt the memory of virtual machines (VM) to protect it from unauthorized access, including by the hypervisor or other VMs. SEV uses hardware-based encryption keys that are unique to each VM, keeping data confidential and tamper-resistant, even in shared environments.
Recently, AMD upgraded SEV with Secure Nested Paging (SNP), an enhancement that aims to ensure the integrity of a virtual machine’s memory by validating memory page tables and preventing unauthorized changes by the hypervisor. However, the researchers claim that SNP can be bypassed if the attacker has physical access to the target device. They used a Raspberry Pi Pico to ‘fake’ extra RAM and extracted secrets from it. They call the attack BadRAM.
Attacks with and without hardware
By exploiting the Serial Presence Detect (SPD) chip on the memory module, they created aliases for physical memory, which they could later access.
“In our attacks, we double the apparent size of the Dual Inline Memory Module (DIMM) installed in the system to trick the CPU’s memory controller into using additional ‘ghost’ addressing bits,” the researchers said in a research paper with entitled “BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments”.
“These addressing bits will remain unused within the virtually enlarged DIMM, creating an interesting aliasing effect where two different physical addresses now point to the same DRAM location.”
The technique works on DDR4 and DDR5 memory, and there is even a possibility to use it without hardware, if the SPD chip remains unlocked (which according to The Registeris sometimes the case).
In response, AMD issued a security advisory and is now tracking the issue as CVE-2024-21944. It has been given a severity score of 5.4 (average). It recommends using memory modules that lock SPD, and following best practices for physical security. “In addition, the AGESA and SEV FW versions listed below have been released to the Original Equipment Manufacturers (OEM) to address this issue. Consult your OEM for the BIOS update specific to your product.”
More details can be found here.
Via The Register