AMD Releases Firmware Update To Address SEV Vulnerability
A new security vulnerability has been made public over AMD's Secure Encrypted Virtualization (SEV) having insecure cryptographic implementations. Fortunately, this AMD SEV issue is addressed by a firmware update.
CVE-2019-9836 has been made public as the AMD Secure Processor / Secure Encrypted Virtualization exposes an insecure cryptographic implementation.
AMD has responded by providing an updated firmware that is said to address these issues. The comment we heard from an AMD representative is:
That's all we know for now, but will update on hearing anything else.
CVE-2019-9836 has been made public as the AMD Secure Processor / Secure Encrypted Virtualization exposes an insecure cryptographic implementation.
AMD has responded by providing an updated firmware that is said to address these issues. The comment we heard from an AMD representative is:
At AMD, security remains a top priority and we continue to work to identify any potential risks for our customers. Through ongoing collaboration with industry researchers AMD became aware that, if using the user-selectable AMD secure encryption feature on a virtual machine running the Linux operating system, an encryption key could be compromised by manipulating the encryption technology’s behavior. AMD released firmware-based cryptography updates to our ecosystem partners and on the AMD website to remediate this risk.
That's all we know for now, but will update on hearing anything else.
15 Comments