December 10, 2024 at 11:10AM
Researchers revealed that AMD’s Secure Encrypted Virtualization (SEV) can be compromised using low-cost hardware. Their “BadRAM” attack exploits the SPD chip to bypass memory access restrictions. This vulnerability undermines SEV’s integrity and affects major cloud providers, prompting AMD to prepare an advisory and recommend securing SPD locks on memory modules.
**Meeting Takeaways:**
1. **Security Vulnerability in AMD SEV**: Researchers have identified a vulnerability in AMD’s Secure Encrypted Virtualization (SEV) that can be exploited with minimal investment in hardware ($10), highlighting a significant security concern.
2. **Research Background**: The findings come from a collaboration between researchers from KU Leuven, the University of Lübeck, and the University of Birmingham, focusing on AMD’s SEV-SNP (Secure Nested Paging) enhancement.
3. **BadRAM Attack**: The study introduced the “BadRAM” attack, which can bypass TEE-based memory access restrictions using a Raspberry Pi Pico and other components. This attack requires physical access to the hardware and targets memory module configurations.
4. **Physical Memory Manipulation**: The attack exploits the SPD chip on memory modules to create “ghost” addressing bits, allowing the attacker to access secret information contained in the memory, thus undermining the integrity of the TEE.
5. **Impact on Major Cloud Providers**: The vulnerability poses a risk to cloud services employing SEV, such as Amazon AWS, Google Cloud, and Microsoft Azure.
6. **Comparison with Competitors**: Intel’s SGX and TDX are not vulnerable to this attack due to their memory aliasing countermeasures. Arm’s Confidential Compute Architecture appears secure based on specification, but was untested.
7. **Disclosure and Response**: Researchers disclosed the vulnerability to AMD on February 26, 2024. AMD has acknowledged the vulnerability (CVE-2024-21944) and plans to issue an advisory on December 10, 2024.
8. **Recommendations from AMD**: AMD recommends using locked SPD memory modules and implementing physical security best practices. Firmware updates have been released to customers to mitigate the vulnerability.
9. **Next Steps**: The researchers will present their findings at the 2025 IEEE Symposium on Security and Privacy, underscoring the ongoing relevance of security practices in cloud computing and virtualization technology.