Vulnerability Disclosure:
Supermicro is aware of a security issue in which a malicious hypervisor may be able to decrypt the memory of a Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) guest VM after that guest has been decommissioned. This issue affects AMD EPYC™ 3rd and 4th Gen Processors.
CVE:
- CVE-2023-31355
- Severity: Medium
- CVE-2024-21798
- Severity: High
- CVE-2024-21980
- Severity: Medium
Findings:
These are security vulnerabilities in AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) through which a malicious hypervisor could read or corrupt the memory of a guest VM. The SNP reclaim buffer attempts to write back reverse map table (RMP) changes for addresses that are not covered by the RMP. Separately, after a guest is decommissioned, a new guest context page can be created at address 0, and the unified memory controller (UMC) key seed derived for it may match the key of the decommissioned guest; at that point an attacker controlling the hypervisor can potentially read or corrupt that guest's memory. This finding is stated for AMD EPYC™ 3rd Gen Processors; the BIOS table below also lists a fixed version for 4th Gen (H13) boards.
Affected products:
Supermicro BIOS on the H12 and H13 motherboards listed below
AMD Motherboard Generation | BIOS Version with the fix
---|---
H12 - Milan (3rd Gen EPYC) | v3.0
H13 - Genoa (4th Gen EPYC) | v1.9
Remediation:
- All affected Supermicro motherboard SKUs require a BIOS update to mitigate this vulnerability.
- Updated BIOS firmware has been created to mitigate this vulnerability. Supermicro is testing and validating it on the affected products; check the Release Notes of each BIOS for the resolution.
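The check an operator would want after reading the table above is whether a given host already runs a fixed BIOS. The following POSIX shell script is an added example, not Supermicro tooling: it takes the board product name and BIOS version as `dmidecode -s baseboard-product-name` and `dmidecode -s bios-version` print them, maps the board family (H12/H13 prefix) to the fixed version from the table, and compares the dotted-numeric versions component by component. The board names and version strings used as sample input are constructed, and the assumption that Supermicro BIOS versions compare as major.minor numbers is the script's, not the advisory's.

```shell
#!/bin/sh
# Added example (not Supermicro's code): classify a Supermicro AMD board as
# patched/vulnerable for this advisory from its board name and BIOS version.
# Live values come from:  dmidecode -s baseboard-product-name  (e.g. "H12SSL-i")
#                         dmidecode -s bios-version            (e.g. "2.5")
# Sample board names and versions below are constructed for illustration.

# Fixed BIOS version per motherboard family, taken from the advisory table.
fixed_bios_for_board() {
    case "$1" in
        H12*) echo "3.0" ;;   # H12 - Milan
        H13*) echo "1.9" ;;   # H13 - Genoa
        *)    echo "" ;;      # family not listed in this advisory
    esac
}

# version_ge A B: exit 0 when A >= B, comparing each dot-separated component
# numerically (so "1.10" > "1.9"). Assumes major.minor style versions.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "[.]"); nb = split(b, y, "[.]");
        n = (na > nb) ? na : nb;
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0;
            q = (i <= nb) ? y[i] + 0 : 0;
            if (p > q) exit 0;
            if (p < q) exit 1;
        }
        exit 0;
    }'
}

# snp_bios_status BOARD BIOSVER -> prints "patched", "vulnerable" or "out-of-scope"
snp_bios_status() {
    board=$1; ver=$2
    fixed=$(fixed_bios_for_board "$board")
    if [ -z "$fixed" ]; then
        echo "out-of-scope"
    elif version_ge "$ver" "$fixed"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# Stand-alone run: "--live" reads the real machine (needs root for dmidecode),
# otherwise the constructed sample host is classified.
if [ "${1:-}" = "--live" ] && command -v dmidecode >/dev/null 2>&1; then
    snp_bios_status "$(dmidecode -s baseboard-product-name)" "$(dmidecode -s bios-version)"
else
    snp_bios_status "H12SSL-i" "2.5"   # constructed sample host
fi
```

"out-of-scope" only means the board family is not in this advisory's table; it is not a statement that such a board is safe. If Supermicro later adds rows to the table, extend `fixed_bios_for_board` accordingly.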