Exploit discovered in amd secure encrypted virtualization

Secure Encrypted Virtualization (SEV) has been touted by AMD as one of the most important features of AMD EPYC and Ryzen Pro processors. It is an encryption technology for parts of the host machine's memory that host virtual machines, preventing the host from reading data from the virtualized system memory.

Secure Encrypted Virtualization has a major security issue

This innovative Secure Encrypted Virtualization technology is designed to build trust in cloud computing, and in the shared hosting industries, so small businesses with sensitive data present on the Web could have peace of mind and wouldn't have to spend a lot money on dedicated hosting. Unfortunately, a Germany-based IT security research team has discovered that this technology is not as secure as previously thought.

We recommend reading our post on Patriot Viper RGB, RGB memories managed by high-performance software

Researchers have used a technique called "Severed" to bypass Secure Encrypted Virtualization and copy information from the virtualized machine's memory. This exploit involves altering the physical memory allocations of the guest machine using standard page tables, so Secure Encrypted Virtualization cannot properly isolate and encrypt parts of the memory on the guest system in physical memory. This exploit could even extract plain text information from compromised guests.

The best solution seems to be to provide complete integrity and protection of guest pages in addition to encryption, as is done in Intel SGX technology. However, this is likely to be costly to protect entire virtual machines.

A new security problem in current processors that adds to the already long list of vulnerabilities caused by Specter.

Theregister font