https://www.nuvation.com/
25 Views

BadRAM memory vulnerability hits AMD processors

LinkedIn Facebook X
December 12, 2024

Get a Price Quote

European cybersecurity researchers have identified a memory vulnerability that impacts AMD processors.

The BadRAM vulnerability involves rogue memory modules that deliberately provide false information to the processor during startup. 

When a computer boots up, the processor will communicate with DRAM modules to learn size, speed and configuration. This information is stored on the so-called SPD chip. But by tampering with this chip, the researchers found that attackers were able to bypass the AMD’s security mechanisms put in place to protect sensitive data – particularly data stored in shared cloud environments with pervasive data breaches and insider threats. 

In this case, the researchers targeted a security technology called Secure Encrypted Virtualisation (SEV) used by AMD. This protects privacy and trust in cloud computing by encrypting a virtual machine’s memory and isolating it from attacks. 

The research was carried out by a consortium of experts from KU Leuven, Belgium, the University of Luebeck, Germany and the University of Birmingham, UK.  

  • New vulnerability in all major CPU architectures
  • AI catches zero day vulnerabilities in real world code
  • Fuzz testing finds GhostWrite RISC-V vulnerability

BadRAM makes the computer’s memory module intentionally lie about its size, tricking the CPU into addressing ‘ghost’ memory regions that don’t exist. This leads to two CPU addresses mapping to the same DRAM location. And through these aliases, attackers can bypass CPU memory protections, exposing sensitive data or causing disruptions. 

“We found that using cheap, off-the-shelf equipment, we were able to trick the computer’s processor into allowing access to protected memory,” said Dr David Oswald, at the University of Birmingham.

AMD has issued firmware updates to securely validate memory configurations as processors boot up. 

“We worked with AMD to ensure they were able to adopt appropriate countermeasures so that BadRAM is detected at the point the computer boots up. While it’s good practice to keep your system up-to-date, most cloud providers will have updated their firmware to include AMD’s countermeasures” he added.

 

Recent Stories

Overview of Small Size MCUs
Overview of Small Size MCUs
CEO Talk: Alex Grebenkov CBDO at nao.design
CEO Talk: Alex Grebenkov CBDO at nao.design
FPGA Engineer
FPGA Engineer
FPGA Price
FPGA Price
Embedded Engineering: Ultimate Guide
Embedded Engineering: Ultimate Guide
Electronics Manufacturing Services: Ultimate Guide
Electronics Manufacturing Services: Ultimate Guide
BOM Cost: Ultimate Guide
BOM Cost: Ultimate Guide
Electronic Product Development: Ultimate Guide
Electronic Product Development: Ultimate Guide
Get 3 Quotes from Electronic Design Companies
Get 3 Quotes from FPGA Design Companies
Get 3 Quotes from Embedded SW Services
Get 3 Quotes from EMS Companies

Try FPGA or Wireless

Get IC Prices

Get Price Offers From
Welcome New Vendors
Browse Vendor Directories
Featured Vendor

Instigate Design

Recent Posts
Most Popular Blog Posts
HardwareBee

Copyright 2017-2024, HardwareBee. All rights reserved.

Follow Us

Be sure to follow our LinkedIn company page where we share our latest updates LinkedIn
Partner with us Partner with us

Design and Manufacturing Services