AMD's EPYC SEV encryption reportedly "SEVered" by German researchers

Unfortunately a key detail is missing. It needs full admin access on the host, which truns this into a Bug not a Security Flaw. Sad to see the same kind of fake news as with the amdflaws. But it seems like the SEV feature does not truely isolate the hyper-visor, maybe we will get there soon.
 
Unfortunately a key detail is missing. It needs full admin access on the host, which truns this into a Bug not a Security Flaw. Sad to see the same kind of fake news as with the amdflaws. But it seems like the SEV feature does not truely isolate the hyper-visor, maybe we will get there soon.

Thanks for the correction, the article has been updated. A note has also been added at the base of the article to credit you for your help.
 
This attack apparently requires a modified hypervisor to work along with a service on the virtual machine that will provide access to resources. Basically the hypervisor fiddles with the physical location of logical memory locations and then accesses those via a resource providing service on the virtual machine.

I don't think that this would be an issue if you are running your own virtual machine setup as you could use secure boot to protect the hypervisor from tampering. As for third party VM hosting, how well do you trust the third party?
 
Back
Top