amd.com, AMD-SB-1023
Jun 12, 2021 - 12:00 a.m.

TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV)


CVSS2

Score: 3.6
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

CVSS3

Score: 8.4
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

EPSS

Score: 0
Percentile: 12.6%

Bulletin ID: AMD-SB-1023
Potential Impact: Loss of Integrity, Confidentiality and Availability

Summary

A malicious hypervisor (HV), along with an unprivileged process controlled by an attacker and executing in a guest VM, may maliciously control the process of flushing the Translation Lookaside Buffer (TLB), resulting in a loss of integrity and confidentiality.

CVE Details

CVE-2021-26340

A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM).

Affected Products

1st/2nd/3rd Gen AMD EPYC™ Processors

AMD EPYC™ Embedded Processors

Mitigation

No additional mitigations. Under SEV-SNP on 3rd Gen AMD EPYC processors, the CPU hardware enforces TLB flushes where required and does not rely solely on the hypervisor to initiate TLB flushes. Therefore, AMD believes VMs that use SEV-SNP are not affected by this issue.

Prior generations of AMD EPYC™ do not support SEV-SNP. For these prior generations of AMD EPYC™ products, AMD recommends following security best practices for helping protect against malicious hypervisor attacks and only running trusted code. For additional information on SEV-SNP and SEV/SEV-ES please refer to our white paper in the References Section of this document.
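
A guest-side check for which case in the Mitigation section applies, as an added example that is not part of AMD's bulletin: it decodes the SEV_STATUS MSR (0xC0010131; bit 0 SEV, bit 1 SEV-ES, bit 2 SEV-SNP) and maps the result to the bulletin's affected/not-affected split. It assumes a Linux guest with the msr module loaded and root access; the function names and sample values are constructed for illustration.

```python
import os
import struct

MSR_AMD64_SEV = 0xC0010131  # SEV_STATUS MSR
FEATURE_BITS = {0: "SEV", 1: "SEV-ES", 2: "SEV-SNP"}


def read_sev_status(msr_dev="/dev/cpu/0/msr"):
    """Read SEV_STATUS inside the guest; return None if it is unreadable.

    Assumption: Linux guest, msr kernel module loaded, running as root.
    """
    try:
        fd = os.open(msr_dev, os.O_RDONLY)
    except OSError:
        return None  # no msr device, or insufficient privileges
    try:
        raw = os.pread(fd, 8, MSR_AMD64_SEV)
    except OSError:
        return None  # the CPU rejected the read (MSR not implemented)
    finally:
        os.close(fd)
    return struct.unpack("<Q", raw)[0] if len(raw) == 8 else None


def classify(status):
    """Map a SEV_STATUS value to (active features, exposure per AMD-SB-1023)."""
    if status is None:
        return [], "unknown: SEV_STATUS not readable"
    active = [name for bit, name in FEATURE_BITS.items() if (status >> bit) & 1]
    if "SEV-SNP" in active:
        verdict = "not affected: SEV-SNP hardware enforces TLB flushes"
    elif active:
        verdict = "affected: SEV/SEV-ES guest without SEV-SNP"
    else:
        verdict = "SEV not active: guest memory is not protected by SEV"
    return active, verdict


if __name__ == "__main__":
    # Constructed sample values first, then the live reading on this machine.
    samples = [("sev", 0x1), ("sev-es", 0x3), ("sev-snp", 0x7),
               ("live", read_sev_status())]
    for label, value in samples:
        features, verdict = classify(value)
        print(f"{label}: {'+'.join(features) or 'none'} -> {verdict}")
```
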
