SEVered: Subverting AMD's Virtual Machine Encryption

TL;DR

SEVered demonstrates a practical attack on AMD SEV, enabling a malicious hypervisor to extract full plaintext memory contents from encrypted virtual machines without physical access, even under high load.

Contribution

We introduce SEVered, a novel attack that compromises AMD SEV encryption by extracting memory contents remotely without physical access or VM collusion.

Findings

Successfully extracted full memory contents from encrypted VMs.

Effective under high load conditions.

Works without physical access or VM collusion.

Abstract

AMD SEV is a hardware feature designed for the secure encryption of virtual machines. SEV aims to protect virtual machine memory not only from other malicious guests and physical attackers, but also from a possibly malicious hypervisor. This relieves cloud and virtual server customers from fully trusting their server providers and the hypervisors they are using. We present the design and implementation of SEVered, an attack from a malicious hypervisor capable of extracting the full contents of main memory in plaintext from SEV-encrypted virtual machines. SEVered neither requires physical access nor colluding virtual machines, but only relies on a remote communication service, such as a web server, running in the targeted virtual machine. We verify the effectiveness of SEVered on a recent AMD SEV-enabled server platform running different services, such as web or SSH servers, in encrypted virtual machines. With these examples, we demonstrate that SEVered reliably and efficiently extracts all memory contents even in scenarios where the targeted virtual machine is under high load.