A critical security flaw affecting all AMD Ryzen processors, from the first-generation Zen 1 to the current Zen 4, has been uncovered by the Google Security Research team. This vulnerability allows attackers with local administrator privileges to inject malicious microcode patches into the processors, potentially compromising workloads that rely on AMD’s confidential computing technologies.
The root of the problem lies in the inadequate implementation of the hash function used in the signature validation process for CPU microcode updates. This weakness allows malicious actors to bypass security mechanisms and inject harmful code directly into the processor.
The vulnerability was reported to AMD on September 25, 2024. In response, AMD issued an embargoed fix to its customers on December 17. The issue was publicly disclosed on Monday, February 3, though detailed technical information remains confidential until March 5 to give organizations time to implement the necessary security measures.
Understand critical vulnerability in CPUs AMD Ryzen.
The vulnerability allows attackers with local administrator privileges (Ring 0 outside a virtual machine) to inject malicious microcode patches into AMD Ryzen processors. In practical terms, an attacker could alter the CPU’s internal behavior, modify instructions, and compromise system security.
Potential Consequences of a Successful Attack:
- Disabling critical processor security features
- Modifying instructions to create backdoors or introduce new vulnerabilities
- Compromising the integrity of confidential computing environments
- Disrupting dynamic trust measurement systems
For companies and data centers, this poses a serious risk to the confidentiality and integrity of sensitive data processed in environments protected by technologies like AMD SEV-SNP. A skilled attacker could potentially access confidential information or manipulate critical system operations.
The immediate risk is lower for home users since the exploit requires high-level privileges. However, malware with administrator access could leverage this vulnerability to embed itself deeper into the system or resist removal attempts, making it a potential long-term security threat.
AMD challenges to solve the problem
AMD has released AGESA firmware updates containing the CVE-2024-56161 security patch to mitigate the recently discovered vulnerability. The update introduces new restrictions on microcode loading, preventing potential exploitation attempts.
Updated Microcode Versions:
- Naples B2 – 0x08001278
- Rome B0 – 0x0830107d
- Milan/Milan-X – 0x0a0011db / 0x0a001244
- Genoa/Genoa-X/Bergamo/Siena – 0x0a101154 / 0x0a10124f / 0x0aa00219
These updates strengthen protections for all SEV security features, including SEV, SEV-ES, and SEV-SNP. Additionally, new restrictions on microcode loading have been introduced to prevent similar vulnerabilities in the future.
Despite this fix, completely resolving the issue remains a challenge. The complexity of supply chain logistics and remediation requirements means that rolling out the fix across all affected systems will take time.
As mentioned, additional technical details remain under embargo until March 5, 2025, giving organizations time to implement security measures and restore confidence in their environments.
Since this vulnerability affects the very process of microcode verification, developing a comprehensive solution presents a significant technical challenge. AMD must carefully balance security improvements while maintaining compatibility and performance for impacted processors.