AMD Secure Encryption Virtualization (SEV) Information Disclosure

Bulletin ID: AMD-SB-1013 **Potential Impact:**Information Disclosure **Severity:**Medium

Summary

AMD received notification of a potential security vulnerability from a team of researchers led by Professor Yinqian Zhang from Southern University of Science and Technology (SUSTech). A paper titled “CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via Ciphertext Side Channels” was submitted and accepted for the Usenix Security 2021 conference in August.

CVE Details

CVE-2020-12966

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor.

Affected Products

1st/2nd/3rd Gen AMD EPYC™ Processors

AMD EPYC™ Embedded Processors

Mitigation

AMD has developed mitigation in the VMSA Register Protection feature to help protect against a malicious hypervisor. The mitigation is available for enablement in 3rd Gen AMD EPYC™ processors and requires the use of SEV-SNP, which is supported on 3rd Gen AMD EPYC™. The update has been released as part of MilanPI-SP3_1.0.0.5.

Prior generations of AMD EPYC™ do not support SEV-SNP.

For earlier AMD EPYC™ products, AMD recommends following security best practices for helping protect against malicious hypervisor attacks. For additional information on SEV-SNP and SEV/SEV-ES please refer to our white paper in the References Section of this document.