Masu haɓakawa daga ƙungiyar Google Cloud rauni (CVE-2019-9836) a cikin aiwatar da fasahar AMD SEV (Secure Encrypted Virtualization), wanda ke ba da damar kariya ga bayanai ta amfani da wannan fasaha don lalata. AMD SEV a matakin hardware yana ba da ɓoyayyiyar ɓoyayyiyar ƙwaƙwalwar na'ura mai kama-da-wane, wanda kawai tsarin baƙo na yanzu yana da damar yin amfani da bayanan da aka ɓoye, da sauran injunan kama-da-wane da hypervisor suna karɓar ɓoyayyen saitin bayanai yayin ƙoƙarin samun damar wannan ƙwaƙwalwar.
Matsalar da aka gano ta ba da damar dawo da abubuwan da ke cikin maɓalli na PDH mai zaman kansa gaba ɗaya, wanda ake sarrafa shi a matakin na'ura mai sarrafa PSP daban (AMD Security Processor), wanda ba shi da isa ga babban OS.
Samun maɓallin PDH, maharin zai iya dawo da maɓallin zaman da jerin sirri da aka ƙayyade lokacin ƙirƙirar injin kama-da-wane kuma ya sami damar yin rufaffiyar bayanan.
Rashin lahani yana haifar da lahani a cikin aiwatar da ɓoye ɓoyayyen lanƙwasa (ECC), wanda ke ba da izini. don mayar da sigogi masu lankwasa. Yayin aiwatar da umarnin farawa na injin kama-da-wane mai kariya, mai kai hari zai iya aika sigogin lankwasa waɗanda ba su bi matakan NIST da aka ba da shawarar ba, wanda ke haifar da amfani da ƙananan ƙima a cikin ayyukan ninkawa tare da bayanan sirri na sirri.
Tsaro na ECDH yarjejeniya kai tsaye daga wurin farawa na lanƙwasa, madaidaicin logarithm wanda aiki ne mai wahala. Yayin ɗayan matakan farawa na yanayin AMD SEV, ƙididdiga masu zaman kansu suna amfani da sigogi da aka karɓa daga mai amfani. Mahimmanci, aikin yana ninka maki biyu, ɗaya daga cikinsu ya dace da maɓalli na sirri. Idan batu na biyu yana nufin ƙananan lambobi masu ƙima, to, maharin zai iya ƙayyade ma'auni na batu na farko (bits na modulus da aka yi amfani da su a cikin aikin modulo) ta hanyar bincika duk ƙididdiga masu yiwuwa. Don tantance maɓalli na sirri, zaɓaɓɓun guntuwar lambar farko za'a iya haɗa su tare ta amfani da .
Matsalar tana shafar dandamalin uwar garken AMD EPYC ta amfani da firmware SEV har zuwa sigar 0.17 gina 11. AMD ta riga ta Sabunta firmware wanda ke ƙara toshe maki waɗanda basu bi ka'idar NIST ba. A lokaci guda, takaddun takaddun da aka samar a baya don maɓallan PDH suna ci gaba da aiki, wanda ke ba maharin damar kai hari don ƙaura daga injunan kama-da-wane daga muhallin da aka kare daga rauni zuwa yanayin da ke fuskantar matsalar. An kuma ambaci yuwuwar kai hari don mayar da sigar firmware zuwa tsohuwar sakin da ba ta da rauni, amma har yanzu ba a tabbatar da wannan yuwuwar ba.
source: budenet.ru