SoylentNews

Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online

posted by takyon on Sunday January 07 2018, @06:36PM   
from the end-of-trusted-computing dept.

"MrPlow" writes:

Submitted via IRC for TheMightyBuzzard

AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor.

[...] Cfir Cohen, a security researcher with the Google Cloud Security Team, says he discovered a vulnerability in the Trusted Platform Module (TPM) of the AMD Secure Processor. The TPM is a component to store critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores.

"Through manual static analysis, we've found a stack-based overflow in the function EkCheckCurrentCert," Cohen says. The researcher claims that an attacker could use specially-crafted EK certificates to get remote code execution rights on the AMD Secure Processor, allowing him to compromise its security.

Cohen said that some basic mitigation techniques such as "stack cookies, NX stack, ASLR" were not implemented in AMD's Secure Processor, making exploitation trivial.

takyon: This bug is unrelated to Meltdown and Spectre. And you might be interested in this:

Coincidentally, on Reddit [1, 2], some users reported seeing a new option to disable AMD PSP support, but it's unclear if this new option is related to the patches AMD was preparing to roll out for Cohen's findings.

Source: Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online

---

Original Submission

• Re:Car Analogy Re:Car Analogy (Score: 2, Insightful) by Anonymous Coward on Sunday January 07 2018, @07:38PM (2 children)

  by Anonymous Coward on Sunday January 07 2018, @07:38PM (#619256)

  > On an all-too-related topic, everyone raise your hand if you were ready to trust your life to self-driving cars a month ago. Now we know that almost every CPU ever made (if you take percentage of total) has at least one fundamentally un-fixable vulnerability. And what makes you think the endless stream of security vulnerabilities is ever going to end?

  If Meltdown is what made you realize that... you have been living under a mountain-sized rock. Car software is of abysmal quality, and self-driving car technology is still a long way from being usable.

  On the other hand, I'm not all that willing to trust my life to non-self-driving cars either, whether it would be me driving or some other idiot. Security vulnerabilities in your average human are oh so much worse than in any software.

  Parent

  Starting Score:	0		points
  Moderation		+2
  Insightful=2, Total=2
  Extra 'Insightful' Modifier		0
  Total Score:		2

• Re:Car Analogy (Score: 4, Insightful) by Justin Case on Sunday January 07 2018, @07:45PM

  by Justin Case (4239) on Sunday January 07 2018, @07:45PM (#619259) Journal

  Security vulnerabilities in your average human are oh so much worse than in any software.

  Perhaps, but you usually have to pwn humans one at a time. (Acknowledging technology-aided mass attacks do exist, like phishing SPAM, and TV preachers.)

  Software monoculture means you can pwn millions of devices through the same exploit. Millions of malicious cars on the loose? This is going to require a boatload of popcorn!

  Parent

• Re:Car Analogy (Score: 0) by Anonymous Coward on Monday January 08 2018, @04:01AM

  by Anonymous Coward on Monday January 08 2018, @04:01AM (#619397)

  >Now we know that almost every CPU ever made (if you take percentage of total)

  Nowhere near. The CPUs in cars, many phones, non-x86 routers, etc. are not x86 nor ARM.

  Just because they're slower and not in your desktop doesn't mean they aren't CPUs.

  Parent