Critical AMD Security Flaw Exposes Virtual Machines to Microcode Attacks

AMD SEV Security Vulnerability Discovered: Critical Update

A significant security vulnerability (CVE-2024-56161) has been identified in AMD’s Secure Encrypted Virtualization (SEV) system, receiving a high-severity CVSS score of 7.2. The flaw potentially allows attackers to inject malicious CPU microcode under certain conditions.

The vulnerability stems from improper signature verification in AMD’s CPU ROM microcode patch loader. An attacker with local administrator privileges could potentially exploit this weakness to compromise the confidentiality and integrity of guests running under AMD SEV-SNP (Secure Nested Paging).

Google’s security team, including researchers Josh Eads, Kristoffer Janke, Eduardo Vela, Tavis Ormandy, and Matteo Rizzo, discovered the flaw on September 25, 2024. The vulnerability specifically affects SEV, a security feature designed to isolate virtual machines using unique encryption keys.

The root cause has been identified as an insecure hash function in microcode update signature validation. While Google has released a test payload demonstrating the vulnerability, detailed technical information is being temporarily withheld to allow time for security patches to be distributed throughout the supply chain.

SEV-SNP, which provides enhanced memory integrity protection and defense against hypervisor-based attacks, is among the affected features. AMD has acknowledged the vulnerability and is working on addressing the security concern.
