
Preface: Sometimes, when a solution is misused or misconfigured, a feature intended for testing can be turned around and used as a sword!
Background: AMD SEV (Secure Encrypted Virtualization) is a hardware-based security feature designed to protect the confidentiality and integrity of virtual machines (VMs) running on AMD EPYC processors. The key points:
- Memory Encryption: SEV encrypts the memory of individual VMs using unique encryption keys. This ensures that neither the hypervisor nor other VMs can access the data of a specific VM.
- Isolation: SEV creates an isolated execution environment, protecting VMs from potential attacks originating from the hypervisor or other VMs.
- SEV-SNP (Secure Nested Paging): This is an extension of SEV that adds strong memory integrity protections. It helps prevent malicious hypervisor-based attacks like data replay and memory re-mapping, further enhancing the security of the VMs.
- Recent Vulnerability: A recent vulnerability (CVE-2024-56161) was discovered in SEV-SNP, which could allow an attacker with local admin privileges to load malicious CPU microcode, compromising the confidentiality and integrity of VMs. AMD has released patches to mitigate this issue.
Vulnerability details: Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.
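Because SEV-SNP attestation reports carry the platform's TCB version, including the microcode security patch level (SPL), a relying party can refuse to trust guests on hosts that still run pre-patch microcode. The following is an added example, not code from AMD or the bulletin: it decodes the CURRENT_TCB and REPORTED_TCB fields of a raw attestation report (offsets as in the SEV-SNP ABI specification) and checks them against a minimum microcode SPL; the required SPL value below is a placeholder and the report bytes are constructed for demonstration.

```python
# Added example (not AMD's code): decode the TCB_VERSION fields of an
# SEV-SNP attestation report and enforce a minimum microcode SPL.
# Offsets follow the SEV-SNP ABI spec ATTESTATION_REPORT layout
# (CURRENT_TCB at 0x38, REPORTED_TCB at 0x180, report size 0x4A0).
import struct

CURRENT_TCB_OFF = 0x38    # TCB the firmware is running right now
REPORTED_TCB_OFF = 0x180  # TCB used to derive the VCEK that signed the report
REPORT_LEN = 0x4A0        # size of an attestation report in bytes

# PLACEHOLDER: take the real minimum SPL for the host CPU from AMD's bulletin.
REQUIRED_MICROCODE_SPL = 0x48

def decode_tcb(tcb: int) -> dict:
    """Split a 64-bit TCB_VERSION into its security-patch-level fields."""
    return {
        "boot_loader": tcb & 0xFF,         # bits 0-7
        "tee": (tcb >> 8) & 0xFF,          # bits 8-15 (bits 16-47 reserved)
        "snp": (tcb >> 48) & 0xFF,         # bits 48-55
        "microcode": (tcb >> 56) & 0xFF,   # bits 56-63
    }

def encode_tcb(boot_loader: int, tee: int, snp: int, microcode: int) -> int:
    """Inverse of decode_tcb, used here to build constructed sample reports."""
    return boot_loader | (tee << 8) | (snp << 48) | (microcode << 56)

def extract_tcbs(report: bytes) -> dict:
    """Read CURRENT_TCB and REPORTED_TCB from a raw attestation report."""
    if len(report) < REPORT_LEN:
        raise ValueError(f"report too short: {len(report)} bytes")
    cur, = struct.unpack_from("<Q", report, CURRENT_TCB_OFF)
    rep, = struct.unpack_from("<Q", report, REPORTED_TCB_OFF)
    return {"current": decode_tcb(cur), "reported": decode_tcb(rep)}

def microcode_acceptable(report: bytes, required_spl: int = REQUIRED_MICROCODE_SPL) -> bool:
    """Accept only if both the running and the reported microcode SPL meet the minimum."""
    t = extract_tcbs(report)
    return (t["current"]["microcode"] >= required_spl
            and t["reported"]["microcode"] >= required_spl)

def make_report(current_tcb: int, reported_tcb: int) -> bytes:
    """Constructed report for demonstration: only the two TCB fields are filled in."""
    buf = bytearray(REPORT_LEN)
    struct.pack_into("<Q", buf, CURRENT_TCB_OFF, current_tcb)
    struct.pack_into("<Q", buf, REPORTED_TCB_OFF, reported_tcb)
    return bytes(buf)

if __name__ == "__main__":
    ok = make_report(encode_tcb(3, 0, 0x14, 0x48), encode_tcb(3, 0, 0x14, 0x48))
    stale = make_report(encode_tcb(3, 0, 0x14, 0x48), encode_tcb(3, 0, 0x14, 0x3A))
    print("patched host accepted:", microcode_acceptable(ok))       # True
    print("stale reported TCB accepted:", microcode_acceptable(stale))  # False
```

The check only reads fields; run it after the report's VCEK signature has been verified, otherwise the TCB values cannot be trusted.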
Official announcement: see the AMD security bulletin for details: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html