Security News > 2023 > November > AMD SEV OMG: Trusted execution in VMs undone by bad hypervisors' cache meddling

Boffins based in Germany and Austria have found a flaw in AMD's SEV trusted execution environment that makes it less than trustworthy.

A successful attack - which assumes an attacker is running a malicious hypervisor protected by AMD SEV - could allow arbitrary code execution within a guest VM, the exposure of sensitive data, or privilege escalation.

SEV is intended to guard against the possibility of a malicious hypervisor, a level of security not provided by VMs. In a paper titled, "CacheWarp: Software-based Fault Injection using Selective State Reset," the team explains that CacheWarp is not a transient execution attack or a side-channel attack like Spectre and Meltdown.

"CacheWarp is based on our analysis of the invd instruction, which shows that invalidating dirty cache lines without triggering a write-back is feasible on AMD CPUs, even if AMD SEV is enabled," the team explains in the paper.

The boffins say that AMD was notified of their findings on April 25, 2023, and plans to issue a microcode patch for SEV-SNP and an SEV firmware update for Zen 3 EPYC Milan CPUs.

"One solution is to prevent the invd instruction from being used if AMD SEV is enabled."

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/14/amd_trusted_execution/