Improper Signature Verification in AMD CPU Microcode Patch Loader
CVE-2024-56161

7.2HIGH

Key Information:

Vendor
Amd
Status
Amd Epyc™ 7001 Series
Amd Epyc™ 7002 Series
Amd Epyc™ 7003 Series
Amd Epyc™ 9004 Series
Vendor
CVE Published:
3 February 2025

Badges

📈 Score: 974📰 News Worthy

What is CVE-2024-56161?

CVE-2024-56161 is a vulnerability found in the microcode patch loader of AMD CPUs. This vulnerability stems from improper signature verification, which could enable an attacker with local administrative privileges to load malicious CPU microcode. If exploited, this weakness could compromise the confidentiality and integrity of sensitive data processed by virtual machines operating under AMD’s Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) technology. Organizations utilizing affected AMD processors should be aware of the potential risks associated with this vulnerability, as it poses a significant threat to their secure computing environments.

Technical Details

The vulnerability relates specifically to the microcode patch loader within AMD CPUs, where the signature verification process is flawed. This defect allows an attacker, possessing local admin rights, to override legitimate microcode with malicious code. Such an attack could be executed in scenarios where attackers have gained unauthorized local access to the system, raising concerns about the potential misuse of this flaw to escalate privileges or deploy further exploits.

Potential Impact of CVE-2024-56161

  1. Loss of Confidentiality: Exploitation of this vulnerability can result in unauthorized access to sensitive data, undermining the confidentiality of critical information managed by virtual machines under AMD SEV-SNP.

  2. Integrity Compromise: By allowing malicious microcode to be loaded, this vulnerability may lead to alterations in system behavior or data, compromising the integrity of the systems and the information they process.

  3. Increased Attack Surface: The existence of this flaw within a widely used CPU architecture can broaden the attack vector for malicious actors, putting organizations that rely on AMD technology at greater risk of targeted attacks and further exploitation.

Affected Version(s)

AMD EPYC™ 7001 Series NaplesPI 1.0.0.P

AMD EPYC™ 7002 Series RomePI 1.0.0.L

AMD EPYC™ 7003 Series MilanPI 1.0.0.F

News Articles

favicon imageCyber Kendra

Google Uncover Critical AMD CPU Vulnerability Affecting Confidential Computing

Google's Security Team has disclosed a high-severity vulnerability in AMD's CPU microcode signature verification system, affecting multiple AMD processors. The flaw, tracked as CVE-2024-56161, could...

3 weeks ago

favicon imageTechTarget

AMD, Google disclose Zen processor microcode vulnerability | TechTa...

AMD and Google on Monday disclosed CVE-2024-56161, a high-severity microcode signature verification vulnerability affecting AMD Zen processors.

3 weeks ago

favicon imageThe Hacker News

AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access

CVE-2024-56161 exposes AMD SEV-SNP to malicious microcode attacks, risking VM data integrity. Discovered by Google, rated CVSS 7.2.

3 weeks ago

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • 📰

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

.