The tech protects Linux KVM virtual machine memory running on Epyc processors.
AMD said that it had become aware that, if using the user-selectable AMD secure encryption feature on a virtual machine running the Linux operating system, an encryption key could be compromised by manipulating the encryption technology’s behaviour.
"AMD released firmware-based cryptography updates to our ecosystem partners and on the AMD website to remediate this risk."
SEV isolates guest VMs from one another and the hypervisor using encryption keys, which are managed by the AMD Secure Processor. Each guest VM has its own cryptographic key, which is used directly with the underlying hardware and Secure Processor to transparently and automatically encrypt and decrypt sections of RAM on the fly as it is accessed.
Cfir Cohen, a security researcher with the Google Cloud security team, the SEV's implementation of elliptic-curve cryptography (ECC), was flawed.
When a VM is launched, it generates a key by multiplying points on a curve against the Platform Diffie-Hellman (PDH) key. Typically, the curve would be from America's National Institute of Standards and Technology's (NIST) list of curves. In an invalid curve attack, a different curve is used, and the results of that computation can be used to defeat the encryption.
Cohen said that at launch-start command, an attacker can send small order ECC points, not on the official NIST curves, and force the SEV firmware to multiply a small order point by the firmware’s private DH scalar.
"By collecting enough modular residues, an attacker can recover the complete PDH private key. With the PDH, an attacker can recover the session key and the VM’s launch secret. This breaks the confidentiality guarantees offered by SEV."
The flaw, disclosed to AMD in February, affects AMD Epyc servers running SEV firmware version 0.17 build 11 and below. AMD made the firmware update available to hardware partners on June 4 to distribute to customers and installations; it can be downloaded directly from here [.zip]. The fix involves restricting key generation to official NIST curves.