Skip to main content

All AMD EPYC processors could be vulnerable to some serious security flaws

AMD EPYC Milan
(Image credit: AMD)

AMD has acknowledged several arbitrary code execution vulnerabilities that impact the first three generations of its EPYC processors as well as the AMD EPYC embedded processors.

The vulnerabilities center around AMD’s Secure Encrypted Virtualization (SEV) and are outlined in two research papers, due to be presented at a prestigious security conference later in the year.

The first exploit, tracked as CVE-2020-12967, comes courtesy of researchers at Fraunhofer AISEC and the Technical University of Munich. AMD said the academic researchers leveraged previously discussed research around the lack of nested page table protection in the SEV/SEV-Encrypted State (SEV-ES) feature. 

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

The second exploit, tracked as CVE-2021-26311, was discovered by researchers at the University of Lübeck. As per AMD this research demonstrates that memory in the feature can be rearranged in the guest address space that is not detected by the attestation mechanism in SEV/SEV-ES.

Mitigations in place

While acknowledging the vulnerabilities, AMD added that exploiting them both would require physical access to the servers, which makes the vulnerabilities less severe than the ones that can be exploited remotely

The papers, which will be presented at the 15th IEEE Workshop on Offensive Technologies (WOOT’21), exploit the vulnerabilities in AMD SEV to run arbitrary code within a guest. 

Surprisingly though, while the hardware, even though the exploits impact three generations of EPYC processors, AMD has published mitigations only for the third-generation EPYC processors. 

For the other two, it simply recommends “following security best practices”. It isn’t clear whether the company plans to release mitigations for these processors at a later date.

Via Tom’s Hardware