
A group of academics has disclosed a new “software fault attack” on AMD’s Secure Encrypted Virtualization (SEV) technology that could potentially be exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation.

The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security and the Graz University of Technology. It impacts AMD CPUs supporting all variants of SEV.

“For this research, we specifically looked at AMD’s newest TEE, AMD SEV-SNP, relying on the experience from previous attacks on Intel’s TEE,” security researcher Ruiyi Zhang told The Hacker News. “We found the ‘INVD’ instruction [flush a processor’s cache contents] could be abused under the threat model of AMD SEV.”

SEV, an extension to the AMD-V architecture introduced in 2016, is designed to isolate VMs from the hypervisor by encrypting the memory contents of the VM with a unique key.
