This vulnerability affects certain legacy AMD EPYC processors, specifically targeting the first-generation EPYC Naples, second-generation EPYC Rome, and third-generation EPYC Milan product lines.
The vulnerability exploits a weakness in AMD's Secure Encrypted Virtualization (SEV) technology, particularly in the SEV-ES (Encrypted State) and SEV-SNP (Secure Nested Paging) implementations. The CacheWrap attack utilizes a software-based fault injection technique that alters the cache memory behavior in a virtual machine (VM) protected by SEV. The attack method forces the cache lines within the VM to revert to their unmodified state, thereby eluding the integrity verification mechanisms of SEV-SNP and allowing undetected fault injection.
Unlike other attacks that depend on specific vulnerabilities within the guest VM, CacheWrap targets inherent architectural weaknesses in AMD's SEV technology, posing a systemic threat to any system employing this form of security. This makes it a significant concern for the safeguarding of data privacy and integrity in environments that depend on encrypted virtualization for protection.
In response to the discovery of this vulnerability, AMD has issued an update for third-generation EPYC Milan processors, which includes a microcode patch that can be loaded dynamically and an updated firmware version that is designed to rectify the issue without impacting system performance. Nevertheless, AMD has indicated that no countermeasures are currently in place for the Naples and Rome generations of EPYC processors. This is due to the limitations of the SEV and SEV-ES features, which do not protect the integrity of guest VM memory, combined with the unavailability of SEV-SNP on these older architectures.