Security News Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,112
Content source
https://www.securityweek.com/protected-virtual-machines-exposed-to-new-cachewarp-amd-cpu-attack/
A team of researchers has disclosed the details of a new attack method affecting a security feature present in AMD processors, demonstrating the risk it can pose to protected virtual machines (VMs).

The attack method, named CacheWarp, was discovered by researchers from the CISPA Helmholtz Center for Information Security in Germany, the Graz University of Technology in Austria, and independent researcher Youheng Lu.

CacheWarp affects AMD Secure Encrypted Virtualization (SEV), a CPU extension designed for isolating VMs from the underlying hypervisor at the hardware level, enabling developers to securely deploy VMs even if the hypervisor is untrusted. AMD SEV provides protection by encrypting VM data, including memory and register state.

The feature, particularly the new SEV-SNP (Secure Nested Paging), is highly useful for protecting sensitive data in cloud environments, securing VMs even against compromised or untrusted cloud providers.

According to the researchers who discovered the attack method, CacheWarp can allow malicious hackers to hijack control flow, break into an encrypted VM, and escalate privileges.

“For a simple example,” the researchers explained, “assume you have a variable determining whether a user is successfully authenticated. By exploiting CacheWarp, an attacker can revert the variable to a previous state and thus take over an old (already authenticated) session. Furthermore, an attacker can manipulate the return address stored on the stack and, by that, change the control flow of a victim program.”
Click to expand...
 
  • +Reputation
  • Like
Reactions: vtqhtr413, Jonny Quest, Gandalf_The_Grey and 2 others
F

ForgottenSeer 103564

CacheWarp has been described as a software-based fault injection attack that is possible due to a hardware issue in AMD CPUs. The researchers pointed out that the root cause is an architectural bug, and CacheWarp is not a transient-execution or side-channel attack, like many other CPU attack methods disclosed in recent years.
Click to expand...

Imagine a bug allowing hackers to target virtual machines, imagine virtual machines being vulnerable. Understand that only users utilizing SEV (secure encrypted virtualization) are vulnerable, an extension designed to secure and isolate VMs from the underlying hypervisor. Imagine this being exploited. Understand it's just an example of the illusion most have that VMs are bullet proof and can safely do dangerous things in.
 
  • Like
  • +Reputation
  • Applause
Reactions: silversurfer, vtqhtr413, Jonny Quest and 2 others

Similar threads

Gandalf_The_Grey
    • Like
    • Sad
    • Wow
Security News OneBlood's virtual machines encrypted in ransomware attack
Replies
1
Views
2,828
Security News
cartaphilus
cartaphilus
silversurfer
    • +Reputation
    • Like
Security News Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
Replies
0
Views
1,848
Security News
silversurfer
silversurfer
silversurfer
    • Like
    • Wow
    • +Reputation
Security News 300,000 Systems Vulnerable to New Loop DoS Attack
Replies
2
Views
4,027
Security News
cartaphilus
cartaphilus

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top