Monday, May 17th 2021

Two New Security Vulnerabilities to Affect AMD EPYC Processors

AMD processors have been very good at the field of security, on par with its main competitor, Intel. However, from time to time, researchers find new ways of exploiting a security layer and making it vulnerable to all kinds of attacks. Today, we have information that two new research papers are being published at this year's 15th IEEE Workshop on Offensive Technologies (WOOT'21), happening on May 27th. Both papers impact AMD processor security; specifically, they show how AMD's Secure Encrypted Virtualization (SEV) is compromised. Researchers from the Technical University of Munich and the University of Lübeck are going to present their papers on CVE-2020-12967 and CVE-2021-26311, respectively.

While we will not know the exact details of these vulnerabilities until the papers are presented, we know exactly which processors are affected. As SEV is an enterprise feature, AMD's EPYC lineup is the main target of these two new exploits. AMD says that the affected processors are all of the EPYC embedded CPUs and the first, second, and third generations of regular EPYC processors. For third-generation EPYC CPUs, AMD has provided a mitigation in SEV-SNP, which can be enabled. For prior generations, the solution is to follow best security practices and try to avoid an exploit.
Source: AMD Security

39 Comments on Two New Security Vulnerabilities to Affect AMD EPYC Processors

#1
DeathtoGnomes
waiting patiently for the opposing team to say the sky is falling.

May 27th is the date for that little get together.
#2
AleksandarK
DeathtoGnomes
How long til the white paper is released?
WOOT 2021 is on May 27th, so that's the day.
#4
DeathtoGnomes
AleksandarK
WOOT 2021 is on May 27th, so that's the day.
hehe I edited while you replied.
#5
mtcn77
Raevenlord
A new security vulnerability has been found that only affects Intel CPUs - AMD users need not concern regarding this issue.
Cuckoo alert.
#6
GeorgeJr
AMD processors have been very good at the field of security, on par with its main competitor, Intel
I love that 1st sentence.
#7
Caring1
"AMD processors have been very good at the field of security, on par with superior to its main competitor, Intel."

Fixed that.
#8
Melvis
GeorgeJr
I love that 1st sentence.
That's exactly what I was about to say! :roll:

Someone had their head in the sand with the amount of security exploits Intel has had with their CPUs from the last 15yrs lol
#9
voltage
DeathtoGnomes
waiting patiently for the opposing team to say the sky is falling.

May 27th is the date for that little get together.
I bet you were the one who said it when the focus was on Intel. ha!

It will be nice when two more generations of hardware mitigation have been implemented. As stated in other articles in the past two years, all processor companies are supposed to implement by the end of 2023. Hopefully by then most of these flaws will be fixed.

research yourself, on google or bing etc.
#10
ZoneDymo
tinfoil hat time:

what if companies deliberately leave these vulnerabilities in and then themselves expose these leading them to have to fix it at the cost of performance so they can sell you newer "now MUCH faster" processors, aka, form of planned obsolescence. :eek:

time to wake up sheeple !
#11
The red spirit
I may come off as somewhat an idiot here, but do those vulnerabilities even matter to anyone? Pretty much every CPU is vulnerable in some ways and hardly anyone cared about that before spectre and meltdown. I don't really think that it's truly as relevant problem as media says. BTW every processor ever made has some list of errata, which is often not fixed completely.
#12
Imsochobo
The red spirit
I may come off as somewhat an idiot here, but do those vulnerabilities even matter to anyone? Pretty much every CPU is vulnerable in some ways and hardly anyone cared about that before spectre and meltdown. I don't really think that it's truly as relevant problem as media says. BTW every processor ever made has some list of errata, which is often not fixed completely.
Yes they do.

"The exploits mentioned in both papers require a malicious administrator to have access in order to compromise the server hypervisor."

This is not that much of an issue for many, it defends My VM at Microsoft, Amazon or wherever from other VM's.

However, AMD SEV also has a sales point of protecting me against Microsoft, Amazon or whatever as they should not know what's even going on in my VM hosted by them, so while it's not meltdown levels of security flaw it's a security issue that goes straight up against one of AMD's sales points of SEV.

We'll have to wait and see if it matters, or is purely proof of concept or if it's patched or just.. broken SEV from that point of view.
#13
The red spirit
Imsochobo
Yes they do.

"The exploits mentioned in both papers require a malicious administrator to have access in order to compromise the server hypervisor."

This is not that much of an issue for many, it defends My VM at Microsoft, Amazon or wherever from other VM's.

However, AMD SEV also has a sales point of protecting me against Microsoft, Amazon or whatever as they should not know what's even going on in my VM hosted by them, so while it's not meltdown levels of security flaw it's a security issue that goes straight up against one of AMD's sales points of SEV.

We'll have to wait and see if it matters, or is purely proof of concept or if it's patched or just.. broken SEV from that point of view.
Perhaps in such case it does matter a bit, but still I'm pretty sure that CPUs have some other vulnerabilities anyway, so stressing out about the latest one seems a bit pointless.
#14
Raevenlord
News Editor
mtcn77
Cuckoo alert.
It's a different issue, son.
#15
Camm
Somewhat significant, but if you have to compromise the Hypervisor to do it, it's really only of concern when running in public cloud and you don't trust the vendor running it to secure the hypervisor.
#16
DeathtoGnomes
ZoneDymo
what if companies deliberately leave these vulnerabilities in
Would it surprise you if this was a request by a government agency, like the NSA?
#18
lexluthermiester
DeathtoGnomes
Would it surprise you if this was a request by a government agency, like the NSA?
How would such entities pull off an exploit? They would still need physical access and at that point there are much easier ways to gain access to the data they might want. Unless you're a high profile target, you still have almost completely nothing to worry about.
1d10t
CVE-2021-26311

CVE-2020-12967

Basically it's possible, but not on guest or hosted VM side, for user / consumer perspective this should be harmless.
Those have no technical data links.
#19
1d10t
lexluthermiester
Those have no technical data links.
There are reference links if you want to dig further.
#20
Tomorrow
The red spirit
I may come off as somewhat an idiot here, but do those vulnerabilities even matter to anyone? Pretty much every CPU is vulnerable in some ways and hardly anyone cared about that before spectre and meltdown. I don't really think that it's truly as relevant problem as media says. BTW every processor ever made has some list of errata, which is often not fixed completely.
It starts to matter if fixes for these vulnerabilities cause performance loss like it did with those Intel models that did not have hardware mitigations. On older CPU's there can be a severe performance penalty when they are fully patched. The newer ones have hardware mitigations and are thus much less affected.

So from average users perspective these vulnerabilities do matter but not in terms of security.
#21
mtcn77
Raevenlord
It's a different issue, son.
Like who issued the vulnerability, I say it's even.
AleksandarK
the University of Lübeck
Raevenlord
in partnership with the University of Lübeck
#22
lexluthermiester
1d10t
There are reference links if you want to dig further.
And I quoted those in my above post. The white papers have not been released and the vulnerabilities are still being investigated.
#23
BorisDG
Now since AMD are catching up with market share, I won't be surprised if they ended having more vulnerabilities than Intel. LUL
#24
1d10t
lexluthermiester
And I quoted those in my above post. The white papers have not been released and the vulnerabilities are still being investigated.
Oh, so you're implying that my post are redundant.
#25
mtcn77
1d10t
Oh, so you're implying that my post are redundant.
Don't take his snarks personally. In some sense he is right, there is no vulnerability unless we know it...