Back to Security Bulletins

TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV)

Bulletin ID: AMD-SB-1023
Potential Impact: Loss of Integrity, Confidentiality and Availability

Summary

A malicious hypervisor (HV) along with an unprivileged process controlled by an attacker and executing in a guest VM, may maliciously control the process of flushing the Translation Lookaside Buffer (TLB) resulting in a loss of integrity and confidentiality.

CVE Details

CVE-2021-26340

A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM).

Affected Products

1st/2nd/3rdGen AMD EPYC™ Processors

AMD EPYC™ Embedded Processors

Mitigation

No additional mitigations. Under SEV-SNP on 3rd Gen AMD EPYC processors, the CPU hardware enforces TLB flushes where required and does not rely solely on the hypervisor to initiate TLB flushes. Therefore, AMD believes VM’s that use SEV-SNP are not affected by this issue.

Prior generations of AMD EPYC™ do not support SEV-SNP. For these prior generations of AMD EPYC™ products, AMD recommends following security best practices for helping protect against malicious hypervisor attacks and only running trusted code. For additional information on SEV-SNP and SEV/SEV-ES please refer to our white paper in the References Section of this document.

Acknowledgement

AMD thanks Mengyuan Li from The Ohio State University for reporting this/these issue(s) and engaging in coordinated vulnerability disclosure.

 

Revisions

  1. https://www.amd.com/system/files/TechDocs/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf

DISCLAIMER

The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken in the preparation of this document, it may contain technical inaccuracies, omissions and typographical errors, and AMD is under no obligation to update or otherwise correct this information. Advanced Micro Devices, Inc. makes no representations or warranties with respect to the accuracy or completeness of the contents of this document, and assumes no liability of any kind, including the implied warranties of noninfringement, merchantability or fitness for particular purposes, with respect to the operation or use of AMD hardware, software or other products described herein. Any computer system has risks of security vulnerabilities that cannot be completely prevented or mitigated. No license, including implied or arising by estoppel, to any intellectual property rights is granted by this document. Terms and limitations applicable to the purchase or use of AMD’s products are as set forth in a signed agreement between the parties or in AMD's Standard Terms and Conditions of Sale.

AMD, the AMD Arrow logo, and combinations thereof are trademarks of Advanced Micro Devices, Inc. Other product names used in this publication are for identification purposes only and may be trademarks of their respective companies.

© 2021 Advanced Micro Devices, Inc. All rights reserved.