AMD Patches Multiple Memory Vulnerabilities That Leads Corrupt The Guest VM

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing

Three potential vulnerabilities in Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) could allow an attacker to read or corrupt the memory of a guest VM.

To establish an isolated execution environment, (SEV-SNP) adds robust memory integrity protection to prevent malicious hypervisor-based attacks, including data replay, memory remapping, and more.

AMD fixes multiple memory flaws and recommends upgrading to the appropriate Platform Initialization (PI) firmware version.

Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access

Details Of Vulnerabilities

CVE-2024-21978- Improper Input Validation

With a Medium severity CVSS base score of 6.0, improper input validation in SEV-SNP could enable a malicious hypervisor to read or overwrite guest memory, which could result in data corruption or leaking.

CVE-2024-21980 – Improper Restriction of Write Operations 

This issue has a CVSS base score of 7.9, indicating a high severity. A malicious hypervisor may be able to overwrite a guest’s memory or UMC seed if write operations in SNP firmware are improperly restricted. The flaw could lead to a loss of confidentiality and integrity.

CVE-2023-31355 – Improper Restriction of Write Operations 

With a CVSS base score of 6.0, this flaw is classified as Medium severity. A malicious hypervisor may be able to overwrite a guest’s UMC seed through improper restriction of write operations in SEV-SNP firmware.  Hence, it allows the reading of memory from a decommissioned guest. Tom Dohrmann reported the vulnerabilities.

Affected Products And Fixes Available

  • 3rd Gen AMD EPYC™ Processors formerly codenamed “Milan” – Update to MilanPI 1.0.0.D
  • 4th Gen AMD EPYC™ Processors formerly codenamed “Genoa” – Update to GenoaPI 1.0.0.C
  • AMD EPYC™ Embedded 7003 – Update to EmbMilanPI-SP3 1.0.0.9
  • AMD EPYC™ Embedded 9003 – Update to EmbGenoaPI-SP5 1.0.0.7

AMD advises upgrading to the most recent versions to defend against the numerous memory vulnerabilities.

Download Free Cybersecurity Planning Checklist for SME Leaders (PDF) – Free Download