
Google Uncovers Critical AMD CPU Vulnerability Affecting Confidential Computing

AMD Microcode Signature Verification Vulnerability

Google's Security Team has disclosed a high-severity vulnerability in AMD's CPU microcode signature verification system, affecting multiple AMD processors. 

The flaw, tracked as CVE-2024-56161, could potentially compromise confidential computing workloads protected by AMD's Secure Encrypted Virtualization (SEV) technology.

The vulnerability stems from an insecure hash function used in the signature validation process for microcode updates. Researchers demonstrated that an attacker with local administrator privileges could exploit this weakness to load malicious microcode patches on AMD Zen 1 through Zen 4 processors, potentially compromising the security of confidential computing environments.

"This vulnerability could be used by an adversary to compromise confidential computing workloads protected by the newest version of AMD Secure Encrypted Virtualization, SEV-SNP, or to compromise Dynamic Root of Trust Measurement," states the Google Security Team's advisory.

The impact is particularly significant for data center deployments, affecting multiple generations of AMD EPYC processors, including Naples (7001 series), Rome (7002 series), Milan (7003 series), and Genoa (9004 series). AMD has rated the vulnerability as "High" severity, with a CVSS score of 7.2.

AMD has released microcode updates to address the vulnerability, which have been delivered through BIOS updates. 

The fixes were made available to Original Equipment Manufacturers (OEMs) on December 13, 2024, for Naples, Rome, and Milan processors and on December 16, 2024, for Genoa systems. Users can verify the implementation of the fix by checking specific TCB values for SNP in their attestation reports.
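One way to automate that attestation check is sketched below as an added example; it is not code from Google's or AMD's advisory. The field offsets and the TCB_VERSION byte layout are assumptions taken from AMD's SEV-SNP firmware ABI specification as it applies to these processor generations, the helper names are hypothetical, and the minimum SNP value is a placeholder to be replaced with the figure the vendor publishes for your platform.

```python
import struct

# Byte offsets of the 64-bit TCB_VERSION fields inside an SNP attestation report
# (assumed from AMD's SEV-SNP firmware ABI specification, not from this article).
TCB_OFFSETS = {"current": 0x38, "reported": 0x180, "committed": 0x1E0, "launch": 0x1F0}
REPORT_SIZE = 0x4A0  # signed report body plus signature block


def decode_tcb(raw):
    """Split a little-endian TCB_VERSION into its security version numbers."""
    (value,) = struct.unpack("<Q", raw)
    return {
        "bootloader": value & 0xFF,
        "tee": (value >> 8) & 0xFF,
        "snp": (value >> 48) & 0xFF,
        "microcode": (value >> 56) & 0xFF,
    }


def check_snp_tcb(report, min_snp):
    """Return (ok, tcbs); ok is True only if every TCB field has snp >= min_snp."""
    if len(report) != REPORT_SIZE:
        raise ValueError(f"expected {REPORT_SIZE}-byte report, got {len(report)}")
    tcbs = {name: decode_tcb(report[off:off + 8]) for name, off in TCB_OFFSETS.items()}
    # Strict policy: launch and committed TCB must also meet the minimum, so a
    # guest launched on old firmware, or a platform that can roll back, fails.
    ok = all(t["snp"] >= min_snp for t in tcbs.values())
    return ok, tcbs


def make_sample_report(snp_by_field):
    """Constructed input: an all-zero report with only the TCB fields filled in."""
    buf = bytearray(REPORT_SIZE)
    for name, snp in snp_by_field.items():
        struct.pack_into("<Q", buf, TCB_OFFSETS[name], (0x01 << 56) | (snp << 48) | 0x03)
    return bytes(buf)


MIN_SNP_PLACEHOLDER = 0x10  # placeholder, not a real minimum; use the vendor's value

if __name__ == "__main__":
    sample = make_sample_report(dict.fromkeys(TCB_OFFSETS, 0x12))
    ok, tcbs = check_snp_tcb(sample, MIN_SNP_PLACEHOLDER)
    print("meets minimum SNP TCB:", ok, tcbs["reported"])
```

The check only means something on a report whose signature has already been verified against the AMD certificate chain; this sketch does not perform that verification.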

The coordinated disclosure process between Google and AMD took 131 days, with Google initially reporting the vulnerability on September 25, 2024. 

Due to the complexity of the fix and its supply chain implications, Google has delayed sharing full technical details until March 5, 2025, giving organizations time to implement the necessary updates and re-establish trust in their confidential computing workloads.

Earlier, researchers from the CISPA Helmholtz Center for Information Security discovered a new software-based fault attack named CacheWarp (CVE-2023-20592) that breaks the integrity guarantees of AMD's Secure Encrypted Virtualization (SEV) technology.

System administrators and data center operators are strongly advised to work with OEM vendors to obtain and apply the appropriate BIOS updates containing the new microcode versions. 

The updates are crucial for environments utilizing AMD's SEV technology for confidential computing applications.
