2d ago

AMD Zen 1 through Zen 4 CPUs use an insecure hash function in the signature validation for microcode updates; researchers released a proof of concept update which makes the RDRAND instruction return 4

github.com AMD: Microcode Signature Verification Vulnerability

### Summary Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside...

for readers missing the significance of the number 4 in the proof of concept: to demonstrate this vulnerability the researchers created a microcode update which replaces the "hardware" random number generator behind the RDRAND instruction with an implementation of xkcd#221 😭

5 comments

Relevant xkcd: https://xkcd.com/221/
- Ah shit, I just saw you posted the same thing in the body text

4? That's amazing! I've got the same RDRAND instruction on my luggage!

In practical terms, can someone explain what this means? Ring 0 from outside a VM.
That would mean that if I were to have an image of an OS, as long as I have local admin while loading this on a VM, I would be able to run code as root?