Cachewarp

Vulnerability updated a month ago (2024-11-29T14:17:26.536Z)

Download STIX

Preview STIX

CacheWarp, a significant vulnerability (CVE-2023-20592) in software design and implementation, was disclosed on November 14. This flaw allows malicious actors to exploit AMD Secure Encrypted Virtualization (SEV)-protected virtual machines (VMs) to escalate privileges and gain remote code execution. The vulnerability affects first through third-generation EPYC processors, excluding the fourth generation. On the same day of the disclosure, AMD released a microcode patch for third-generation EPYC chips to address the issue. The exploitation of CacheWarp enables attackers to manipulate return addresses on the stack, altering the control flow of a targeted program. Additionally, it can be used to undo data modifications, fooling the system into believing it has an outdated status. The vulnerability was found in the INVD instruction, which could lead to a loss of SEV-ES and SEV-SNP guest VM memory integrity, according to an AMD security advisory. A research team led by Michael Schwarz from the CISPA Helmholtz Centre for Information Security published an academic paper on the vulnerability, titled "CacheWarp: Software-based fault injection using selective state reset," which has been accepted for the USENIX Security conference 2024. They also created a dedicated website to provide information on CacheWarp and shared video demos demonstrating how it can be used to gain root privileges or bypass OpenSSH authentication.

Description last updated: 2024-05-04T22:27:09.861Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
CVE-2023-20592 is a possible alias for Cachewarp. CVE-2023-20592, also known as CacheWarp, is a significant software vulnerability discovered in AMD processors. This flaw in the design or implementation of the software allows malicious actors to break into AMD Secure Encrypted Virtualization (SEV) protected virtual machines (VMs), thereby escalatin	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

amd

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Cachewarp Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
CERT-EU	a year ago	New Reptar CPU flaw impacts Intel desktop and server systems
DARKReading	a year ago	'CacheWarp' AMD VM Bug Opens the Door to Privilege Escalation
CERT-EU	a year ago	New CPU vulnerability extends to virtual machine environments
CERT-EU	a year ago	AMD SEV OMG: Trusted execution undone by cache meddling
CERT-EU	a year ago	CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
CERT-EU	a year ago	New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs