Back to Security Bulletins

AMD Secure Encryption Virtualization (SEV) Information Disclosure

Bulletin ID: AMD-SB-1013
Potential Impact: Information Disclosure
Severity: Medium

Summary

AMD received notification of a potential security vulnerability from a team of researchers led by Professor Yinqian Zhang from Southern University of Science and Technology (SUSTech).  A paper titled “CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via Ciphertext Side Channels” was submitted and accepted for the Usenix Security 2021 conference in August.

CVE Details

CVE-2020-12966

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor.

Affected Products

1st/2nd/3rd Gen AMD EPYC™ Processors

AMD EPYC™ Embedded Processors

Mitigation

AMD has developed mitigation in the VMSA Register Protection feature to help protect against a malicious hypervisor. The mitigation is available for enablement in 3rd Gen AMD EPYC™ processors and requires the use of SEV-SNP, which is supported on 3rd Gen AMD EPYC™. The update has been released as part of MilanPI-SP3_1.0.0.5.  

Prior generations of AMD EPYC™ do not support SEV-SNP.  

For earlier AMD EPYC™ products, AMD recommends following security best practices for helping protect against malicious hypervisor attacks. For additional information on SEV-SNP and SEV/SEV-ES please refer to our white paper in the References Section of this document.

Acknowledgement

  • AMD thanks Professor Yinqian Zhang from Southern University of Science and Technology (SUSTech) and his Ph.D. student Mengyuan Li from Ohio State University, in collaboration with the Baidu Security team for reporting this/these issue(s) and engaging in coordinated vulnerability disclosure.

References

  1. https://www.amd.com/system/files/TechDocs/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf

Revisions

None

DISCLAIMER

The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken in the preparation of this document, it may contain technical inaccuracies, omissions and typographical errors, and AMD is under no obligation to update or otherwise correct this information. Advanced Micro Devices, Inc. makes no representations or warranties with respect to the accuracy or completeness of the contents of this document, and assumes no liability of any kind, including the implied warranties of noninfringement, merchantability or fitness for particular purposes, with respect to the operation or use of AMD hardware, software or other products described herein. Any computer system has risks of security vulnerabilities that cannot be completely prevented or mitigated. No license, including implied or arising by estoppel, to any intellectual property rights is granted by this document. Terms and limitations applicable to the purchase or use of AMD’s products are as set forth in a signed agreement between the parties or in AMD's Standard Terms and Conditions of Sale.

AMD, the AMD Arrow logo, and combinations thereof are trademarks of Advanced Micro Devices, Inc. Other product names used in this publication are for identification purposes only and may be trademarks of their respective companies.

© 2021 Advanced Micro Devices, Inc. All rights reserved.