AMD Releases Firmware Update To Address SEV Vulnerability

Written by Michael Larabel in AMD on 25 June 2019 at 09:50 PM EDT. 15 Comments
AMD
A new security vulnerability has been made public over AMD's Secure Encrypted Virtualization (SEV) having insecure cryptographic implementations. Fortunately, this AMD SEV issue is addressed by a firmware update.

CVE-2019-9836 has been made public as the AMD Secure Processor / Secure Encrypted Virtualization exposes an insecure cryptographic implementation.

AMD has responded by providing an updated firmware that is said to address these issues. The comment we heard from an AMD representative is:
At AMD, security remains a top priority and we continue to work to identify any potential risks for our customers. Through ongoing collaboration with industry researchers AMD became aware that, if using the user-selectable AMD secure encryption feature on a virtual machine running the Linux operating system, an encryption key could be compromised by manipulating the encryption technology’s behavior. AMD released firmware-based cryptography updates to our ecosystem partners and on the AMD website to remediate this risk.

That's all we know for now, but will update on hearing anything else.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week