A security vulnerability, tracked as CVE-2024-56161, has been discovered in AMD’s Secure Encrypted Virtualization (SEV) feature, which could allow attackers to load malicious CPU microcode under specific conditions. This flaw, which carries a CVSS score of 7.2, arises from improper signature verification within AMD’s CPU ROM microcode patch loader. Attackers with local administrator privileges could exploit the vulnerability to compromise the confidentiality and integrity of confidential virtual machines (VMs) running under AMD’s SEV-Secure Nested Paging (SEV-SNP). SEV-SNP is designed to safeguard against hypervisor-based attacks and provide memory integrity protections, but this flaw undermines those protections.
The flaw was reported by Google security researchers, who discovered an insecure hash function in the signature validation for microcode updates.
As a result, attackers could gain unauthorized access to sensitive data in virtualized environments by exploiting the vulnerability. SEV, which uses unique encryption keys per virtual machine, is meant to isolate virtual machines from each other and the hypervisor, creating a more secure computing environment. SEV-SNP introduces additional protections for more complex workloads and better defenses against side-channel attacks, but the flaw in the microcode update process compromises its integrity.
While technical details of the flaw have been withheld for the time being, Google has released a test payload demonstrating the vulnerability’s impact. The company plans to delay full disclosure for a month to provide sufficient time for a fix to be distributed across the supply chain. AMD has acknowledged the flaw and is working to address it, although the timeline for widespread patching remains unclear. The security community has been urged to stay vigilant, especially for organizations utilizing AMD SEV-SNP in sensitive computing environments.
The disclosure of CVE-2024-56161 highlights ongoing challenges in securing virtualized computing environments, particularly in the context of confidential computing. As virtualized systems grow in popularity and complexity, so too do the risks associated with vulnerabilities that exploit the underlying hardware and firmware. This flaw serves as a reminder that even security features designed to enhance protection, like SEV-SNP, must continuously evolve to address emerging threats and maintain robust defenses.