Security researchers have identified a vulnerability in AMD processors, dubbed badRAM, that could allow threat actors with physical access to cloud computing environments to bypass encryption protections, reports The Record, a news site by cybersecurity firm Recorded Future.
The flaw circumvents AMD’s Secure Encrypted Virtualization, which encrypts virtual machine memory to safeguard cloud customer data, by tampering with the Serial Presence Detect chip on memory modules using hardware that can cost under $10. The technique involves forcing the memory module to provide incorrect information about its size so that attackers can trick the processor into exposing encrypted memory regions.
"This leads to two CPU addresses mapping to the same DRAM location. And through these aliases, attackers can bypass CPU memory protections, exposing sensitive data or causing disruptions," said researcher David Oswald. "The whole AMD security technology is built on the assumption that there is no aliasing." While exploiting this flaw requires physical access, researchers warned that malicious insiders, corrupt employees, or law enforcement with access to cloud hardware could leverage it. AMD has released firmware updates and recommends using memory modules with locked SPD chips alongside physical security measures. The research found no evidence of the vulnerability being exploited in the wild.
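The aliasing Oswald describes can be shown with a small simulation and the wrap-around probe a defender could use to check that a module's reported size matches its real capacity. This is an added example, not code from the researchers or AMD; the memory model (address bits above the real capacity are ignored) is a simplifying assumption, and `dimm_t`, `find_alias_offset` and `probe_module` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified model (assumption): a module with real_size bytes of cells
 * ignores address bits above its real capacity, so larger addresses wrap. */
typedef struct {
    uint8_t *cells;
    size_t real_size;      /* physical capacity, power of two */
    size_t reported_size;  /* capacity claimed by the SPD data */
} dimm_t;

static uint8_t dimm_read(const dimm_t *d, size_t addr) {
    return d->cells[addr & (d->real_size - 1)];
}
static void dimm_write(dimm_t *d, size_t addr, uint8_t v) {
    d->cells[addr & (d->real_size - 1)] = v;
}

/* Wrap-around probe over the reported range: returns the smallest
 * power-of-two offset that aliases address 0, or 0 if none exists. */
size_t find_alias_offset(dimm_t *d) {
    size_t found = 0;
    for (size_t off = 1; off < d->reported_size && !found; off <<= 1) {
        uint8_t saved0 = dimm_read(d, 0), saved_off = dimm_read(d, off);
        dimm_write(d, 0, 0x55);
        dimm_write(d, off, 0xAA);
        if (dimm_read(d, 0) == 0xAA)   /* the write to off landed on cell 0 */
            found = off;
        dimm_write(d, off, saved_off); /* restore original contents */
        dimm_write(d, 0, saved0);
    }
    return found;
}

/* Builds a constructed module and probes it (hypothetical helper). */
size_t probe_module(size_t real_size, size_t reported_size) {
    dimm_t d = { calloc(real_size, 1), real_size, reported_size };
    if (!d.cells) return (size_t)-1;
    size_t alias = find_alias_offset(&d);
    free(d.cells);
    return alias;
}

int main(void) {
    printf("honest module:   alias offset %zu\n", probe_module(4096, 4096));
    printf("tampered module: alias offset %zu\n", probe_module(4096, 8192));
    return 0;
}
```

A nonzero result means two addresses inside the reported range reach the same cell, which is the condition the quoted assumption of "no aliasing" rules out.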