Some AMD EPYC server CPUs have a serious security flaw, so patch now

News
By Sead Fadilpašić
published

A recently discovered AMD EPYC flaw allows for privilege escalation

The AMD EPYC Genoa-X 9684X CPU
(Image credit: AMD)

Cybersecurity researchers from AMD and the Graz University of Technology have discovered a vulnerability affecting certain AMD server CPUs that allows for privilege escalation, as well as for remote code execution.

As per the report (which even has a dedicated website here), the flaw is present in AMD EPYC Processors from first to third generation, and is found in the Secure ENcrypted Virtualization-Encrypted State (SEV-ES) and Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP). Ironically enough, these technologies were introduced to protect against malicious hypervisors and shrink the attack surface of virtual machines. In other words - a feature designed to bolster security has actually compromised it. 

The flaw, dubbed CacheWarp, is tracked as CVE-2023-20592 and at press time didn’t have a severity score.

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Microcode and firmware updates

"In 3 case studies, we demonstrate an attack on RSA in the Intel IPP crypto library, recovering the entire private key, logging into an OpenSSH server without authentication, and escalating privileges to root via the sudo binary,” the researchers said in the paper.

Soon after the paper was published, AMD released a security advisory acknowledging the flaw. It said CacheWarp was found in the INVD instruction, which could result in the loss of memory integrity of SEV-ES and SEV-SNP guest virtual machines.

"Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity," AMD said.

While EPYC Processors generations 1-3 were affected, it’s just the third generation that is getting a fix. This fix is a hot-loadable microcode patch and an updated firmware image. Users are advised to address the issue immediately. AMD says the patch will not affect the devices’ performance.

Via BleepingComputer

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.