This AMD Vulnerability Needs Some Epyc Patches
If You Can Dodge A Rowhammer, You Can Dodge SEV
If you happen to be running an Epyc processor in your servers you should be scheduling some time to patch it, as a vulnerability in Secure Encrypted Virtualization technology has been revealed. If you are running SEV firmware version 0.17 build 11 and below you should follow the link over at The Register to get your hands on the patch and instructions. Without the upgrade it is possible for an attacker with access to your system to feed it doctored code which will allow them to capture and then piece together the private key which AMD’s SEC depends on to keep your data secure.
The description of SEC and how this attack works is much more interestingly technical than we usually see in a release, so it is worth reading through to learn about how this Epyc feature works, as well as what is required to try to exploit it.
The attacker has to have access to the management interfaces of SEV with sufficient privileges. That may or may not be admin privileges depending on how SEV is being used.
More Tech News From Around The Web
- Nvidia to reveal trio of ‘Super’ GeForce RTX cards on 2 July @ The Inquirer
- Reverse Engineering Cyclic Redundancy Codes @ Hackaday
- Microsoft: 2TB or not 2… OK, OK! 2TB. OneDrive dragged kicking and screaming into selling more storage @ The Register
- Google begins rollout of controls that let you auto-delete your personal data @ The Inquirer
- WireGuard on Windows early preview @ Ars Technica
- A DIY Internet Network In NYC Now Covers Large Parts of Manhattan and Brooklyn @ Slashdot
- What’s The Deal With Square Traces On PCBs @ Hackaday
- Thermaltake Level 20 BattleStation RGB Gaming Desk @ Kitguru
