An international research team led by Graz University of Technology has discovered a new security vulnerability in AMD's SEV-SNP cloud computing solution. SEV-SNP was developed specifically to protect sensitive data from access by cloud providers and potential hackers. Researchers led by Stefan Gast from the Institute for Applied Information Processing and Communications have succeeded in reconstructing and stealing confidential data from systems equipped with SEV-SNP protection using measured values from so-called hardware performance counters.
228 Performance counters allow potential conclusions to be drawn about processed data
Hardware performance counters continuously measure the performance of processors and are used in software development to identify performance bottlenecks, among other things. In their experiments, the researchers identified 228 hardware performance counters that are visible in systems with SEV-SNP and whose measured values allow potential conclusions to be drawn about the data being processed in virtual machines.
As a protective measure against this security vulnerability referred to as CounterSEVeillance, cloud service providers could theoretically deactivate the hardware performance counters. However, they rely on them to monitor the computing power of their systems, the researchers write in their paper “CounterSEVeillance: Performance-Counter Attacks on AMD SEV-SNP”. In addition, performance counters are often part of protective measures used to detect malicious software execution.
Further information on the CounterSEVeillance vulnerability can be found on Stefan Gast's website.
