AMD hardware security tricks can be bypassed with a shock of electricity

Image of padlock against circuit board/cybersecurity background
(Image credit: Future)

Academics researchers have demonstrated a successful attack strategy to get around the protections provided by AMDs famed Secure Encrypted Virtualization (SEV) technology.

AMD SEV leverages the AMD Secure Processor (AMD-SP) to separate security-sensitive operations from software executing elsewhere in order to safeguard virtual machines (VM) in untrusted environments.

Researchers from Technische Universität (TU) Berlin's Security in Telecommunications group, describe how they succeeded in mounting a voltage fault injection attack, in a paper aptly titled "One Glitch to Rule Them All: Fault Injection Attacks Against AMD’s Secure Encrypted Virtualization" 

A successful attack enables the perpetrator to execute custom payloads on the AMD-SP that ships with all AMD SEV processors currently in the market, including Naples (Zen 1), Rome (Zen 2), and Milan (Zen 3).

Rude shock

According to The Register’s parsing of the paper, the bypass technique involves manipulating the input voltage to AMD systems on a chip (SoC), in order to induce an error in the read-only memory (ROM) bootloader of the AMD-SP.

Notably, the attack relies on cheap, off-the-shelf components, including a $30 Teensy µController, and a $12 flash programmer. 

However, to attack can’t be executed remotely and needs physical access to the server. An AMD spokesperson also flagged this fact when contacted by The Register, rendering any real-world implications of the vulnerability moot, unlike earlier vulnerabilities.

In addition to highlighting the issue, the researchers also suggested a couple of mitigations. One reportedly involves modifying software or hardware to detect voltage modulation, while the other involves the addition of additional circuitry to defend against voltage glitches.

Via The Register

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.