November 16, 2023 at 04:02PM
Researchers have discovered a vulnerability in AMD CPUs that can be exploited to undermine memory protections in cloud environments. Known as CacheWarp, this vulnerability impacts first- through third-generation EPYC processors. Attackers can use the vulnerability to gain unauthorized access and perform privilege escalation. AMD has released a microcode patch for third-generation EPYC chips, but no mitigation is available for earlier generations. The researchers followed standard practice by notifying AMD and waiting for a patch before disclosing the vulnerability.
Key Takeaways:
– Researchers have discovered an exploit, known as CacheWarp, that affects certain AMD CPUs, specifically first- through third-generation EPYC processors.
– CacheWarp allows attackers to undermine memory protections and potentially perform remote code execution or escalate privileges in cloud environments.
– The vulnerability arises from a security feature called Secure Encrypted Virtualization (SEV), which is designed to encrypt VM memory. However, the feature can be manipulated to revert the CPU’s cache to a previous state, exposing potentially exploitable data.
– By exploiting CacheWarp, an attacker could gain unauthorized access to a guest VM, perform privilege escalation, and alter the control flow of victim programs.
– AMD released a microcode patch on November 14 for third-generation EPYC chips to address the vulnerability. However, the patch is not available for first- and second-generation EPYC processors.
– AMD explained that a coordinated vulnerability disclosure process was followed in order to protect end users: affected parties were notified, fixes were developed, and then the security bulletin and details were published.