Embargo period: November 14, 2023 at 7:00 p.m.
A new vulnerability in SEV technology affects cloud computing
With “CacheWarp”, researchers from CISPA and the Graz University of Technology have discovered a new software attack on the “Secure Encrypted Virtualization” (SEV) security technology from the processor manufacturer AMD. SEV is used to encrypt virtual machines and aims to ensure data security on cloud services. Until recently, CacheWarp made it possible to bypass the latest versions of the security feature, SEV-ES (Encrypted State) and SEV-SNP (Secure Nested Paging). In theory, comprehensive access and modification rights to data stored in cloud services can be achieved. AMD says it has closed the gap with an update.
CISPA researcher Ruiyi Zhang from the research group of CISPA faculty member Dr. Michael Schwarz designed CacheWarp, a software-based fault injection attack that compromises data security on cloud services. CacheWarp targets the hypervisor, which acts as a host for virtual machines. “The foundation of cloud services is so-called virtualization,” Zhang explains. With virtualization, multiple virtual machines are created inside a physical computer. These have their own RAM, CPU and operating system. A hypervisor isolates the operating systems and regulates the distribution of resources such as memory and computing power.
CacheWarp: Time travel in the cache
AMD's SEV security technology aims to ensure that the hypervisor and virtual machines are isolated from each other. The memory of each virtual machine is encrypted with a separate key. This is intended to make universal access to data via virtual machines or through an untrustworthy hypervisor impossible. CacheWarp circumvents this security mechanism. The attack works by undoing data changes in the cache and presenting the system with an outdated state. This allows attackers to rely on successful user authentication and gain access to the virtual machine.
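The rollback described above can be pictured with a toy model. This is an added illustration, not code from the CacheWarp paper or from AMD; the cache class, the `auth` flag and the fail-closed variant are assumptions made for the example, and the fail-closed default is not the compiler-based mitigation the researchers propose.

```python
# Toy model (constructed): a write-back cache in front of memory.
# Encrypting memory does not help here: the stale value is still a
# valid, correctly encrypted value, it is just no longer current.
DENIED, GRANTED = 0, 1


class WriteBackCache:
    def __init__(self):
        self.memory = {}  # backing store: what remains if a write is lost
        self.dirty = {}   # modified lines not yet written back

    def write(self, addr, value):
        self.dirty[addr] = value

    def read(self, addr):
        return self.dirty.get(addr, self.memory.get(addr))

    def write_back(self):
        self.memory.update(self.dirty)
        self.dirty.clear()

    def drop_dirty(self):
        # Models the state reset: pending changes are undone and the
        # outdated value in memory becomes visible again.
        self.dirty.clear()


def login(cache, password_ok, fail_closed, reset=False):
    """Return True if access is granted.

    fail_closed=False: flag starts as GRANTED, is set to DENIED on failure.
    fail_closed=True:  flag starts as DENIED, is set to GRANTED on success.
    reset=True drops the pending update before the flag is checked.
    """
    default, update = (DENIED, GRANTED) if fail_closed else (GRANTED, DENIED)
    cache.write("auth", default)
    cache.write_back()                # the default reaches memory
    needs_update = password_ok if fail_closed else not password_ok
    if needs_update:
        cache.write("auth", update)   # result of the check, only in cache
    if reset:
        cache.drop_dirty()            # the update is rolled back
    return cache.read("auth") == GRANTED


if __name__ == "__main__":
    for fail_closed in (False, True):
        granted = login(WriteBackCache(), password_ok=False,
                        fail_closed=fail_closed, reset=True)
        print(f"fail_closed={fail_closed}: wrong password granted={granted}")
```

In this model a rolled-back flag that defaults to "denied" locks out a legitimate user instead of admitting an unauthenticated one.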
The hypervisor frequently presents an attack surface
To prevent hypervisor attacks, AMD developed the first generation of Secure Encrypted Virtualization (SEV). “Several vulnerabilities quickly became known. In addition, encryption was used in SEV-ES and SEV initially without identity verification. This allowed data to be tampered with. Not all parts of the memory were encrypted,” explains Michael Schwarz. As an expert in CPU vulnerabilities, Schwarz was involved in discovering several of these vulnerabilities, including Spectre, Meltdown, and ZombieLoad. AMD responded to the issues and evolved SEV into the SEV-ES and, more recently, SEV-SNP features, which are now also vulnerable to CacheWarp.
AMD has fixed the security vulnerability
“To our knowledge, CacheWarp is the only software-based attack that can be used to defeat SEV-SNP in this way,” Zhang explains. Provided they have access to the cloud provider’s server room, the researchers can use CacheWarp to access virtual machines and view and change data. Not only did they describe the attack techniques scientifically, but they also proposed a compiler-based solution to mitigate the attack. Since discovering CacheWarp, they have also been in contact with AMD. AMD has since announced that it has closed the vulnerability with an update.
The research team led by CISPA faculty member Dr. Michael Schwarz has created its own website for information about CacheWarp (cachewarpattack.com). The paper “CacheWarp: Software-Based Fault Injection Using Selective State Reset” is available there and has also been accepted into the USENIX Security Conference 2024. The authors are: Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Michael Schwarz (all from the CISPA Helmholtz Center for Information Security), Andreas Kogler (TU Graz), and Yong Lu (independent).
Sebastian Klöckner | Corporate Communications, CISPA Helmholtz Center for Information Security, Stuhlsatzenhaus 5, 66123 Saarbrücken, Germany | www.cispa.de