Summary: AMD has released firmware updates to address a critical vulnerability (CVE-2024-56161) that allows attackers with local administrator privileges to exploit weaknesses in CPU microcode handling, impacting confidential workloads under AMD’s SEV-SNP. The flaw arises from inadequate signature verification in the CPU ROM microcode patch loader, which may lead to loss of confidentiality and integrity. Users are urged to update their microcode and firmware to mitigate potential exploits and ensure the security of their systems.

Affected: AMD EPYC processors and systems using AMD Secure Encrypted Virtualization (SEV-SNP)

Keypoints :

• Vulnerability CVE-2024-56161 stems from improper signature verification in AMD’s microcode patch loader.
• Local admin privileges are required for attackers to exploit this vulnerability affecting SEV-SNP systems.
• Google researchers demonstrated the creation of malicious microcode patches, highlighting the risk to confidential computing workloads.
• Mitigation requires a microcode update across affected platforms, and some might need a SEV firmware update.
• Best practices are advised to defend against cache-based side-channel attacks impacting various AMD EPYC generations.