German security researchers claim to have discovered another attack against virtual machines that use AMD’s Secure Encrypted Virtualization (SEV) technology, one that could enable hackers to recover plaintext memory data from guest VMs.
AMD’s Secure Encrypted Virtualization (SEV), which ships with the EPYC line of processors, is a feature that encrypts the memory of each VM so that only the guest itself can access the data, shielding it from other VMs and even from an untrusted hypervisor.
Found by researchers from the Fraunhofer Institute for Applied and Integrated Security in Munich, this side-channel attack, named SEVered, exploits the page-wise encryption of the main memory, permitting a hypervisor to extract the full content of the main memory in plaintext from encrypted VMs.
Here is the basic concept of the SEVered attack, as described in the paper:
“Our evaluation shows that SEVered is feasible in practice and that it can be used to extract the entire memory from an SEV-protected VM within a reasonable time,” the researchers said. “The results specifically show that critical aspects, such as noise during the identification and the resource stickiness are managed well by SEVered.”
The researchers also suggested a couple of steps AMD could take to isolate the transition process between the host and Guest Physical Address (GPA), which would make the SEVered attack harder to execute.