Pierluigi Paganini February 04, 2025

AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode.

Researchers from Google disclosed an improper signature verification vulnerability, tracked as CVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV). An attacker could trigger the flaw to load a malicious CPU microcode under specific conditions.

“Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.” reads the advisory published by the chipmaker.

AMD’s Secure Encrypted Virtualization (SEV) is a hardware-based security feature designed to protect virtual machines (VMs) from unauthorized access, including threats from a compromised hypervisor. SEV encrypts VM memory using an encryption key unique to each VM, ensuring that even if the hypervisor is compromised, the VM’s memory remains protected.

AMD released a microcode and SEV firmware update to address the issue, requiring a BIOS update and reboot for attestation verification.

The vulnerability was reported by Google researchers Josh Eads, Kristoffer Janke, Eduardo, Vela, Tavis Ormandy, and Matteo Rizzo in September 2024.

“Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside a VM) to load malicious microcode patches. We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs. The vulnerability is that the CPU uses an insecure hash function in the signature validation for microcode updates.” reads the advisory published by Google. “This vulnerability could be used by an adversary to compromise confidential computing workloads protected by the newest version of AMD Secure Encrypted Virtualization, SEV-SNP or to compromise Dynamic Root of Trust Measurement.”

The researchers also provided PoCs to demonstrate how to exploit this vulnerability to produce arbitrary microcode patches.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, SEV)