AMD CPU Signature Verification Vulnerability Enables Unauthorized Microcode Execution

A vulnerability in AMD CPUs has been uncovered, enabling attackers with administrative privileges to bypass microcode signature verification and execute malicious code.

Designated as CVE-2024-36347 (CVSS score: 6.4, Medium), the flaw impacts multiple generations of AMD EPYC™ server processors and select consumer Ryzen™ chips.

Vulnerability Overview

Google researchers identified a weakness in AMD’s microcode patch verification algorithm, allowing attackers to falsify signatures and load unauthorized updates.

This could compromise the integrity of x86 instruction execution, expose privileged data, and even hijack the System Management Mode (SMM) environment—a high-privilege layer used for firmware operations.

AMD confirmed the flaw stems from an “improper signature verification” in the CPU’s ROM loader but emphasized no active exploits have been observed. The company is collaborating with OEMs to release firmware updates.

Affected Products

The vulnerability impacts the following AMD EPYC™ and Ryzen™ processors:

| Code Name | Product Family | CPUID |
| --- | --- | --- |
| Naples | EPYC™ 7000 Series | 0x00800F12 |
| Rome | EPYC™ 7002 Series | 0x00830F10 |
| Milan/Milan-X | EPYC™ 7003 Series | 0x00A00F11/12 |
| Genoa/Genoa-X | EPYC™ 9004 Series | 0x00A10F11/12 |
| Bergamo/Siena | EPYC™ 9004 Series | 0x00AA0F02 |
| Raphael | Ryzen™ Embedded 4004 Series | 0x00A60F12 |
| Turin | EPYC™ 9005 Series (Upcoming) | 0x00B00F21 |

Mitigation and Firmware Updates

AMD has released Platform Initialization (PI) firmware patches to address the flaw. System administrators must obtain BIOS updates from their OEM providers that include at least the PI and microcode versions below:

  • EPYC™ 7000 Series (Naples): PI version 1.0.0.P1 (Microcode: 0x08001278)
  • EPYC™ 7002 Series (Rome): PI version 1.0.0.L1 (Microcode: 0x0830107D)
  • EPYC™ 7003 Series (Milan): PI version 1.0.0.F2 (Microcode: 0x0A0011DB / 0x0A001244)
  • EPYC™ 9004 Series (Genoa): PI version 1.0.0.E3 (Microcode: 0x0A101154 / 0x0A10124F / 0x0AA00219)

Post-update, hot-loading microcode patches is blocked on older BIOS versions. Systems running MilanPI below 1.0.0.F or GenoaPI below 1.0.0.E will trigger a #GP fault during hot-load attempts.
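
The following is an added example, not code from AMD or from the original article: a Python audit that reads the `microcode` field of Linux `/proc/cpuinfo` and compares each running revision with the minimum revisions listed above. It assumes that revisions for one CPU stepping share their upper 24 bits (as the listed values suggest); the `audit` function, the family labels and the sample input are this example's own.

```python
import re

# Minimum patched microcode revisions, copied from the list above.
MIN_MICROCODE = {
    "EPYC 7000 (Naples)": [0x08001278],
    "EPYC 7002 (Rome)": [0x0830107D],
    "EPYC 7003 (Milan)": [0x0A0011DB, 0x0A001244],
    "EPYC 9004 (Genoa)": [0x0A101154, 0x0A10124F, 0x0AA00219],
}
# Assumption: revisions for one CPU stepping share their upper 24 bits,
# so a running revision is compared only with the minimum of equal prefix.
BY_PREFIX = {rev >> 8: (family, rev)
             for family, revs in MIN_MICROCODE.items() for rev in revs}
MICROCODE_LINE = re.compile(r"^microcode\s*:\s*(0x[0-9a-fA-F]+)\s*$", re.M)

def audit(cpuinfo_text):
    """Return (status, family, running, minimum) per distinct revision.

    status is "ok", "needs-update", or "not-listed" (no minimum above).
    """
    results = []
    revs = {int(m, 16) for m in MICROCODE_LINE.findall(cpuinfo_text)}
    for rev in sorted(revs):
        entry = BY_PREFIX.get(rev >> 8)
        if entry is None:
            results.append(("not-listed", None, rev, None))
            continue
        family, minimum = entry
        status = "ok" if rev >= minimum else "needs-update"
        results.append((status, family, rev, minimum))
    return results

# Constructed sample in /proc/cpuinfo format (not captured from a real host).
SAMPLE = """processor\t: 0
microcode\t: 0xa0011d5
processor\t: 1
microcode\t: 0xa0011d5
"""

if __name__ == "__main__":
    try:
        text = open("/proc/cpuinfo").read()
    except OSError:
        text = SAMPLE  # constructed fallback when not on Linux
    for status, family, rev, minimum in audit(text):
        print(status, family, hex(rev), "minimum:", minimum and hex(minimum))
```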

Recommendations

  1. Contact OEMs Immediately: Reach out to hardware vendors for BIOS updates tailored to your system.
  2. Audit Privileged Access: Limit administrative privileges to minimize exploitation risk.
  3. Monitor Firmware Updates: AMD advises against hot-loading microcode until PI versions are fully deployed.

While the flaw poses significant risks, AMD’s proactive patches and collaboration with researchers highlight a swift response. Enterprises and data centers should prioritize updates to safeguard against potential privilege escalation attacks.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
