November 14, 2023 at 01:45PM
Researchers have discovered a new attack method called CacheWarp that affects AMD processors. It poses a risk to protected virtual machines by allowing hackers to hijack control flow, break into encrypted VMs, and escalate privileges. CacheWarp is a software-based fault injection attack resulting from an architectural bug in AMD CPUs. AMD has released a security advisory with information on impacted products and patches. The researchers have published a paper, launched a dedicated website, and shared videos demonstrating the vulnerability.
Meeting Takeaways:
– Researchers have discovered a new attack method called CacheWarp that affects AMD processors.
– CacheWarp specifically targets AMD Secure Encrypted Virtualization (SEV), a feature designed to protect virtual machines (VMs) from the underlying hypervisor.
– The attack allows malicious hackers to hijack control flow, break into an encrypted VM, and escalate privileges.
– CacheWarp is a software-based fault injection attack caused by a hardware issue in AMD CPUs, rather than a transient-execution or side-channel attack.
– Any system with an AMD CPU that supports SEV can be impacted, but only users who deploy secure VMs using SEV are at risk.
– AMD is aware of the issue and has published a security advisory with information on affected products and patches.
– The researchers have released a paper detailing their findings and have launched a website offering a summary of the CacheWarp attack.
– They have also shared videos demonstrating how the vulnerability can be used to bypass OpenSSH authentication and escalate privileges to root via Sudo.
– The vulnerability is tracked as CVE-2023-20592.