BadRAM attack breaches AMD secure VMs using a Raspberry Pi Pico, DDR socket, and a 9V battery

Researchers have described the BadRAM attack, which is claimed to facilitate the breaching of processor security “via rogue memory modules” (h/t The Register). Specifically, the research team has outlined a successful attack on AMD’s cutting-edge Secure Encrypted Virtualization (SEV) using a $5 Raspberry Pi Pico connected to a DDR socket and powered by a 9V battery. That’s just $10 of hardware required to “erode trust in the cloud.”

The name BadRAM provides a sizable hint at the angle of attack used by the team of researchers from KU Leuven in Belgium, the University of Lübeck in Germany, and the University of Birmingham in the UK. On the succinct yet informative website set up to spread awareness of BadRAM, the team highlights how ‘rogue memory’ is a security threat that has been largely ignored, at least by AMD.

For their BadRAM shenanigans, the team created “rogue memory modules that deliberately provide false information to the processor during startup,” and were then able to tinker with a system to bypass cloud server virtualization protections.

Earlier we mentioned AMD SEV, and this modern technology is designed to “protect privacy and trust in cloud computing by encrypting a virtual machine's (VM's) memory and isolating it from advanced attackers.” It even works when bad actors have access to critical infrastructure like the virtual machine manager or firmware. However, BadRAM bypasses SEV, including AMD’s latest SEV-SNP (Secure Nested Paging) tech using just $10 of hardware.

Leveraging the BadRAM attack, the researchers could go on to “completely compromise the AMD SEV ecosystem, faking remote attestation reports and inserting backdoors into any SEV-protected VM.” To do this they needed access to the SPD chip on server DIMMs, which they explained could be done by an insider in a cloud environment. Alternatively, software-based attacks could work, where the SPD chip wasn’t locked by the manufacturer.

To help explain the BadRAM attack and what it can do, the researchers have provided an infographic (above) and an example video (below).

YouTube

Watch On

Put your Raspberry Pi Pico, DDR socket and 9V battery away – AMD has issued a patch

AMD has now issued firmware updates to cloud providers so systems will securely validate memory modules and configurations during boot. BadRAM can't be bad on these updated systems.

It should also be mentioned that the equivalent Trusted Execution Environments (TEEs) like Intel SGX and Arm CCA already have countermeasures against attacks like BadRAM in place, so no patching has been required to fortify their security.