Amd patches epyc cpu secure encrypted virtualization exploit that could leak secret keys
June 28, 2019 / Paul Lilly
AMD has begun pushing out a firmware fix for its EPYC server processors that addresses the way the chips provide Secure Encrypted Virtualization (SEV). Left unpatched, an attacker could leverage the vulnerability to recover a secure key, which could then be used to access an isolated virtual machine (VM) on a targeted system.SEV is a feature that uses one security key per VM to isolate guests and the hypervisor from one another. Those keys are managed by the AMD Secure Processor. It is a hardware-level feature that gives each guest VM its own security key to encrypt and decrypt portions of RAM as needed. The idea is to protect data in memory from being accessed by unauthorized users.