Announcement

Collapse
No announcement yet.

AMD Releases Firmware Update To Address SEV Vulnerability

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AMD Releases Firmware Update To Address SEV Vulnerability

    Phoronix: AMD Releases Firmware Update To Address SEV Vulnerability

    A new security vulnerability has been made public over AMD's Secure Encrypted Virtualization (SEV) having insecure cryptographic implementations. Fortunately, this AMD SEV issue is addressed by a firmware update...

    http://www.phoronix.com/scan.php?pag...ility-Micro-Up

  • #2
    Typos:

    Originally posted by phoronix View Post
    CVE-2019-9836 has been made pulic as the AMD Secure Processor / Secure Encrypted Virtualization having an insecure cryptographic implementation.

    Comment


    • #3
      Now that AMD's market position is rapidly strengthening, I think they could stand to benefit from attracting more people to audit their security. Open up the PSP firmware, hire some credible full-time auditors, and set the bounties high for the public researcher.

      Comment


      • #4
        Originally posted by tildearrow
        Is this part of the AMDFLAWS fiasco?
        What fiasco? None of that nonsense is remotely exploitable, like the intel flaws are. In fact, all the amdflaws stuff requires you to already have physical access to the hardware, access to the BIOS to load an untrusted ROM image, access to the server vendor's signing keys, and other improbable prerequisites that can only be exploited by an insider threat i.e. a sysadmin employee or similar. Nothing to see here, yawn.

        intel's meltdown fiasco on the other hand, is truly frightening. remotely exploitable access to the entire server memory space, and no way to even detect if you've been hit. Scary to be an intel customer these days, for sure.
        Last edited by torsionbar28; 06-25-2019, 11:56 PM.

        Comment


        • #5
          This particular issue allows an attacker to get you to use your ECCDH private key (which is stored in the firmware) with a specially crafted invalid curve. The VM code itself needs to be malicious (easy on bare metal cloud?). This key is I believe used to encrypt memory for the VM so other VMs cannot read it. The invalid response to the VM can then be used to recover the private key used to encrypt ALL the VMs on that system. This would probably need to be combined with another exploit that allows you to read memory you should not otherwise have access to, then decrypt it with the recovered private key

          Comment


          • #6
            Originally posted by torsionbar28 View Post
            What fiasco? None of that nonsense is remotely exploitable.
            Those are vulnerabilities of Platform Security Processor (PSP) - an obscure proprietary mechanism that was supposed to make system more secure. Of course any flaw in it that makes system less secure could be considered 'fiasco'.

            Comment


            • #7
              Originally posted by khnazile View Post
              Those are vulnerabilities of Platform Security Processor (PSP) - an obscure proprietary mechanism that was supposed to make system more secure. Of course any flaw in it that makes system less secure could be considered 'fiasco'.
              Way to have a storm in a teacup

              Comment


              • #8
                Originally posted by khnazile View Post
                Those are vulnerabilities of Platform Security Processor (PSP) - an obscure proprietary mechanism that was supposed to make system more secure. Of course any flaw in it that makes system less secure could be considered 'fiasco'.
                He was talking about that AMDFLAWS was not a fiasco, he never said that the vulnerability in the article wasn't severe.

                Comment


                • #9
                  I bet Intel is jealous of vulnerabilities with such a low impact to the general public. I assume not many people encrypt memory of their virtual machines.

                  Comment


                  • #10
                    Originally posted by DoMiNeLa10 View Post
                    I bet Intel is jealous of vulnerabilities with such a low impact to the general public. I assume not many people encrypt memory of their virtual machines.
                    That's a good point. This flaw, at it's very worst, makes AMD servers on-par (i.e. using unencrypted RAM) with intel's products, lol.

                    Comment

                    Working...
                    X