AMD has acknowledged several arbitrary code execution vulnerabilities that impact the first three generations of its EPYC processors as well as the AMD EPYC embedded processors.
The vulnerabilities center around AMD’s Secure Encrypted Virtualization (SEV) and are outlined in two research papers, due to be presented at a prestigious security conference later in the year.
The first exploit, tracked as CVE-2020-12967, comes courtesy of researchers at Fraunhofer AISEC and the Technical University of Munich. AMD said the academic researchers leveraged previously discussed research around the lack of nested page table protection in the SEV/SEV-Encrypted State (SEV-ES) feature.
- These are the best endpoint protection tools
- Check our list of the best firewall apps and services
- Here's our choice of the best malware removal software on the market
The second exploit, tracked as CVE-2021-26311, was discovered by researchers at the University of Lübeck. As per AMD this research demonstrates that memory in the feature can be rearranged in the guest address space that is not detected by the attestation mechanism in SEV/SEV-ES.
Mitigations in place
While acknowledging the vulnerabilities, AMD added that exploiting them both would require physical access to the servers, which makes the vulnerabilities less severe than the ones that can be exploited remotely.
The papers, which will be presented at the 15th IEEE Workshop on Offensive Technologies (WOOT’21), exploit the vulnerabilities in AMD SEV to run arbitrary code within a guest.
Surprisingly though, while the hardware, even though the exploits impact three generations of EPYC processors, AMD has published mitigations only for the third-generation EPYC processors.
For the other two, it simply recommends “following security best practices”. It isn’t clear whether the company plans to release mitigations for these processors at a later date.
- Protect your devices with these best antivirus software
Via Tom’s Hardware
