On Tuesday, researchers unveiled BadRAM, an attack that completely undermines security assurances that chipmaker AMD makes to users of one of its most expensive and well-fortified microprocessor product lines.
-
On Tuesday, researchers unveiled BadRAM, an attack that completely undermines security assurances that chipmaker AMD makes to users of one of its most expensive and well-fortified microprocessor product lines. Starting with the AMD Epyc 7003 processor, a feature known as SEV-SNP has provided the cryptographic means AMD says proves that a VM hasn’t been compromised.
BadRAM is an attack that a server admin can carry out in minutes, using either about $10 of hardware, or in some cases, software only, to cause DDR4 or DDR5 memory modules to misreport during bootup the amount of memory capacity they have. From then on, SEV-SNP will be permanently made to suppress the cryptographic hash attesting its integrity even when the VM has been badly compromised.
AMD’s trusted execution environment blown wide open by new BadRAM attack
Attack bypasses AMD protection promising security, even when a server is compromised.
Ars Technica (arstechnica.com)