Severe safety failure affects all AMD Ryzen CPUs since 2017

By Aayush

A critical security flaw affecting all AMD Ryzen processors, from the first-generation Zen 1 to the current Zen 4, has been uncovered by the Google Security Research team. This vulnerability allows attackers with local administrator privileges to inject malicious microcode patches into the processors, potentially compromising workloads that rely on AMD’s confidential computing technologies.

The root of the problem lies in the inadequate implementation of the hash function used in the signature validation process for CPU microcode updates. This weakness allows malicious actors to bypass security mechanisms and inject harmful code directly into the processor.

Advertisements

The vulnerability was reported to AMD on September 25, 2024. In response, AMD issued an embargoed fix to its customers on December 17. The issue was publicly disclosed on Monday, February 3, though detailed technical information remains confidential until March 5 to give organizations time to implement the necessary security measures.

Understand critical vulnerability in CPUs AMD Ryzen.

The vulnerability allows attackers with local administrator privileges (Ring 0 outside a virtual machine) to inject malicious microcode patches into AMD Ryzen processors. In practical terms, an attacker could alter the CPU’s internal behaviormodify instructions, and compromise system security.

Advertisements

Potential Consequences of a Successful Attack:

  • Disabling critical processor security features
  • Modifying instructions to create backdoors or introduce new vulnerabilities
  • Compromising the integrity of confidential computing environments
  • Disrupting dynamic trust measurement systems

For companies and data centers, this poses a serious risk to the confidentiality and integrity of sensitive data processed in environments protected by technologies like AMD SEV-SNP. A skilled attacker could potentially access confidential information or manipulate critical system operations.

The immediate risk is lower for home users since the exploit requires high-level privileges. However, malware with administrator access could leverage this vulnerability to embed itself deeper into the system or resist removal attempts, making it a potential long-term security threat.

Advertisements

AMD challenges to solve the problem

AMD has released AGESA firmware updates containing the CVE-2024-56161 security patch to mitigate the recently discovered vulnerability. The update introduces new restrictions on microcode loading, preventing potential exploitation attempts.

Updated Microcode Versions:

  • Naples B20x08001278
  • Rome B00x0830107d
  • Milan/Milan-X0x0a0011db / 0x0a001244
  • Genoa/Genoa-X/Bergamo/Siena0x0a101154 / 0x0a10124f / 0x0aa00219

These updates strengthen protections for all SEV security features, including SEV, SEV-ES, and SEV-SNP. Additionally, new restrictions on microcode loading have been introduced to prevent similar vulnerabilities in the future.

Advertisements

Despite this fix, completely resolving the issue remains a challenge. The complexity of supply chain logistics and remediation requirements means that rolling out the fix across all affected systems will take time.

As mentioned, additional technical details remain under embargo until March 5, 2025, giving organizations time to implement security measures and restore confidence in their environments.

Since this vulnerability affects the very process of microcode verification, developing a comprehensive solution presents a significant technical challenge. AMD must carefully balance security improvements while maintaining compatibility and performance for impacted processors.

TAGGED:
Share This Article
Follow:
Aayush is a B.Tech graduate and the talented administrator behind AllTechNerd. . A Tech Enthusiast. Who writes mostly about Technology, Blogging and Digital Marketing.Professional skilled in Search Engine Optimization (SEO), WordPress, Google Webmaster Tools, Google Analytics
Leave a Comment