Google Researchers Crack AMD CPU Security, Release Zentool for Microcode Manipulation

BigGo Editorial Team

Google security researchers have discovered a critical vulnerability in AMD's CPU microcode security system, allowing complete control over processor behavior. The team has released Zentool, a utility that enables users to analyze, manipulate, and generate microcode patches for AMD Zen processors.

The vulnerability stems from AMD's use of a standard example key from the AES-CMAC RFC documentation in their microcode signing process. This fundamental security error allowed researchers to bypass AMD's protection mechanisms and create custom-signed microcode updates that the processor accepts as legitimate.

The Security Flaw

The security issue affects AMD Zen1 through Zen4 processors, with Zen5's vulnerability status still under investigation. According to comments from the researchers, AMD's critical mistake was using the example key from the AES-CMAC RFC as their actual signing key. This oversight essentially broke the entire security model protecting CPU microcode.

Any encryption/signature that can be broken in software on affordable hardware is just that: BROKEN.

The flaw is particularly concerning because microcode modifications can bypass fundamental security measures. With access to microcode, an attacker with kernel privileges could potentially access physical memory directly, bypass privilege checks, and compromise security features like AMD's Secure Encrypted Virtualization (SEV).
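To make the key-reuse failure concrete, here is an added Go example (not code from the article or from Zentool). It implements AES-CMAC exactly as RFC 4493 specifies and checks it against the RFC's own published test vectors, which is the point: the 128-bit key those vectors use is printed in the RFC for anyone to read. The "update blob" structure, the verifier function and the Ed25519 contrast at the end are constructed illustrations of the design principle; they are not AMD's microcode format and not AMD's actual fix (the article says AMD moved to a custom secure hash function and a Secure Processor update).

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// rfc4493Key is the 128-bit example key printed in RFC 4493 (section 4).
// The article states AMD used this published example key to sign microcode;
// that is the only page-sourced fact this example depends on.
var rfc4493Key, _ = hex.DecodeString("2b7e151628aed2a6abf7158809cf4f3c")

// dbl is the RFC 4493 subkey step: shift left by one bit in GF(2^128)
// and fold the carried-out bit back in with the constant 0x87.
func dbl(in []byte) []byte {
	out := make([]byte, 16)
	var carry byte
	for i := 15; i >= 0; i-- {
		out[i] = in[i]<<1 | carry
		carry = in[i] >> 7
	}
	if carry == 1 {
		out[15] ^= 0x87
	}
	return out
}

func xorInto(dst, src []byte) {
	for i := range dst {
		dst[i] ^= src[i]
	}
}

// aesCMAC computes the AES-CMAC tag of msg under key, per RFC 4493.
func aesCMAC(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	zeroEnc := make([]byte, 16)
	block.Encrypt(zeroEnc, make([]byte, 16))
	k1 := dbl(zeroEnc) // used when the last block is complete
	k2 := dbl(k1)      // used when the last block needs 10* padding

	n := (len(msg) + 15) / 16
	complete := n > 0 && len(msg)%16 == 0
	if n == 0 {
		n = 1
	}
	last := make([]byte, 16)
	start := (n - 1) * 16
	copy(last, msg[start:])
	if complete {
		xorInto(last, k1)
	} else {
		last[len(msg)-start] = 0x80
		xorInto(last, k2)
	}
	x := make([]byte, 16)
	for i := 0; i < n-1; i++ {
		xorInto(x, msg[i*16:(i+1)*16])
		block.Encrypt(x, x)
	}
	xorInto(x, last)
	block.Encrypt(x, x)
	return x, nil
}

// MACSignedUpdate is a constructed stand-in for "a blob plus its MAC tag";
// it is not the real microcode patch layout.
type MACSignedUpdate struct {
	Body []byte
	Tag  []byte
}

// verifyMACUpdate is what a MAC-based verifier can do: recompute the tag
// under the key it holds and compare. Whoever holds that key passes.
func verifyMACUpdate(verifierKey []byte, u MACSignedUpdate) bool {
	tag, err := aesCMAC(verifierKey, u.Body)
	return err == nil && bytes.Equal(tag, u.Tag)
}

// tagWithPublishedKey shows the failure mode: with nothing but the RFC text,
// any third party produces a tag the verifier above accepts.
func tagWithPublishedKey(body []byte) MACSignedUpdate {
	tag, _ := aesCMAC(rfc4493Key, body)
	return MACSignedUpdate{Body: body, Tag: tag}
}

// asymmetricDemo illustrates the structural difference a signature gives:
// the verifier holds only the public key, so a party with a different
// private key cannot produce an accepted signature. Illustration only.
func asymmetricDemo(body []byte) (genuineOK, strangerOK bool, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, err
	}
	_, strangerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, err
	}
	genuineOK = ed25519.Verify(pub, body, ed25519.Sign(priv, body))
	strangerOK = ed25519.Verify(pub, body, ed25519.Sign(strangerPriv, body))
	return genuineOK, strangerOK, nil
}

func main() {
	tag, _ := aesCMAC(rfc4493Key, nil) // RFC 4493 example 1 known answer
	fmt.Printf("AES-CMAC(K_rfc, empty) = %x\n", tag)
	blob := tagWithPublishedKey([]byte("constructed update body"))
	fmt.Println("MAC verifier accepts third-party blob:", verifyMACUpdate(rfc4493Key, blob))
	g, s, _ := asymmetricDemo(blob.Body)
	fmt.Println("signature verifier: genuine =", g, "stranger =", s)
}
```

The known-answer check against the RFC vectors is the instructive part: if a verifier's secret is a value reproduced in a public standard, the MAC still "validates" perfectly, it just no longer says anything about who produced the data. A MAC binds integrity to possession of the key, so the verifier's key must be as secret as the signer's; a signature scheme removes that requirement, which is why firmware validation designs usually prefer one.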

Key Facts About the AMD Microcode Vulnerability

  • Affected Hardware: AMD Zen1 through Zen4 processors
  • Vulnerability: Use of example AES-CMAC RFC key for microcode signing
  • Tool Released: Zentool - AMD Zen Microcode Manipulation Utility
  • Mitigation: AMD released a fix using a custom secure hash function paired with AMD Secure Processor update
  • Research Team: Google Hardware Security Team (Josh Eads, Matteo Rizzo, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, Sophie Schmiege, and others)

Zentool Capabilities

The Zentool utility provides extensive capabilities for microcode manipulation. Users can examine microcode headers, modify revision numbers, edit match registers, and even patch individual instructions. The tool includes a disassembler that can show the internal RISC operations (quads) that make up the microcode.

One particularly powerful feature is the ability to re-sign modified microcode: after edits, the tool generates a signature over the changed patch that the CPU will accept. This allows users to load custom microcode patches onto specific CPU cores.

Implications and Mitigations

AMD has released a fix that modifies the microcode validation routine to use a custom secure hash function. This is paired with an AMD Secure Processor update that ensures the patch validation routine is updated before the x86 cores can attempt to install tampered microcode.

Security experts in the discussion note that the vulnerability's impact is amplified by modern firmware security architecture. While the CPU itself retains no loaded microcode across a power cycle (a patch has to be reapplied at every boot), the ability to compromise system flash could allow for permanent, irreversible compromise of affected systems.

The researchers plan to provide additional details in the coming months about how they reverse-engineered the microcode update process, which led to identifying the validation algorithms.

Ethical and Legal Considerations

The release of such a tool has sparked debate about the ethics and legality of publishing security vulnerability tools. Some commenters drew parallels to console jailbreaking tools, which often face DMCA takedowns, while others defended the academic and security research value of such work.

Previous academic research on AMD K8 and K10 CPU microcode was mentioned as a precedent, where researchers broke the encryption (described as more like scrambling) and released tooling without legal repercussions from AMD.

The Google Hardware Security Team behind this work includes Josh Eads, Matteo Rizzo, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, Sophie Schmiege, and others. Their work builds on previous research, including the paper Reverse Engineering x86 Processor Microcode by Koppe et al. from Ruhr-Universität Bochum.

Reference: Zentool -- AMD Zen Microcode Manipulation Utility