This AMD Vulnerability Needs Some Epyc Patches

Source: The Register This AMD Vulnerability Needs Some Epyc Patches

If You Can Dodge A Rowhammer, You Can Dodge SEV

If you happen to be running an Epyc processor in your servers you should be scheduling some time to patch it, as a vulnerability in Secure Encrypted Virtualization technology has been revealed.  If you are running SEV firmware version 0.17 build 11 and below you should follow the link over at The Register to get your hands on the patch and instructions.  Without the upgrade it is possible for an attacker with access to your system to feed it doctored code which will allow them to capture and then piece together the private key which AMD’s SEC depends on to keep your data secure.

The description of SEC and how this attack works is much more interestingly technical than we usually see in a release, so it is worth reading through to learn about how this Epyc feature works, as well as what is required to try to exploit it.

The attacker has to have access to the management interfaces of SEV with sufficient privileges. That may or may not be admin privileges depending on how SEV is being used.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!