Security News Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,178
Content source
https://www.securityweek.com/protected-virtual-machines-exposed-to-new-cachewarp-amd-cpu-attack/
A team of researchers has disclosed the details of a new attack method affecting a security feature present in AMD processors, demonstrating the risk it can pose to protected virtual machines (VMs).

The attack method, named CacheWarp, was discovered by researchers from the CISPA Helmholtz Center for Information Security in Germany, the Graz University of Technology in Austria, and independent researcher Youheng Lu.

CacheWarp affects AMD Secure Encrypted Virtualization (SEV), a CPU extension designed for isolating VMs from the underlying hypervisor at the hardware level, enabling developers to securely deploy VMs even if the hypervisor is untrusted. AMD SEV provides protection by encrypting VM data, including memory and register state.

The feature, particularly the new SEV-SNP (Secure Nested Paging), is highly useful for protecting sensitive data in cloud environments, securing VMs even against compromised or untrusted cloud providers.

According to the researchers who discovered the attack method, CacheWarp can allow malicious hackers to hijack control flow, break into an encrypted VM, and escalate privileges.

“For a simple example,” the researchers explained, “assume you have a variable determining whether a user is successfully authenticated. By exploiting CacheWarp, an attacker can revert the variable to a previous state and thus take over an old (already authenticated) session. Furthermore, an attacker can manipulate the return address stored on the stack and, by that, change the control flow of a victim program.”
Click to expand...
 
  • +Reputation
  • Like
Reactions: vtqhtr413, Jonny Quest, Gandalf_The_Grey and 2 others
F

ForgottenSeer 103564

CacheWarp has been described as a software-based fault injection attack that is possible due to a hardware issue in AMD CPUs. The researchers pointed out that the root cause is an architectural bug, and CacheWarp is not a transient-execution or side-channel attack, like many other CPU attack methods disclosed in recent years.
Click to expand...

Imagine a bug allowing hackers to target virtual machines, imagine virtual machines being vulnerable. Understand that only users utilizing SEV (secure encrypted virtualization) are vulnerable, an extension designed to secure and isolate VMs from the underlying hypervisor. Imagine this being exploited. Understand it's just an example of the illusion most have that VMs are bullet proof and can safely do dangerous things in.
 
  • Like
  • +Reputation
  • Applause
Reactions: silversurfer, vtqhtr413, Jonny Quest and 2 others

Similar threads

silversurfer
    • Like
    • Wow
    • +Reputation
Security News 300,000 Systems Vulnerable to New Loop DoS Attack
Replies
0
Views
910
Security News
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack
Replies
0
Views
1,211
Security News
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • Like
    • Wow
    • +Reputation
Security News Graphics card flaw enables data theft in AMD, Apple, and Qualcomm chips
Replies
0
Views
1,246
Security News
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top