BadRAM attack breaches AMD secure VMs using a Raspberry Pi Pico, DDR socket, and a 9V battery

Researchers have described the BadRAM attack, which is claimed to facilitate the breaching of processor security “via rogue memory modules” (h/t The Register). Specifically, the research team has outlined a successful attack on AMD’s cutting-edge Secure Encrypted Virtualization (SEV) using a $5 Raspberry Pi Pico connected to a DDR socket and powered by a 9V battery. That’s just $10 of hardware required to “erode trust in the cloud.”

The name BadRAM provides a sizable hint at the angle of attack used by the team of researchers from KU Leuven in Belgium, the University of Lübeck in Germany, and the University of Birmingham in the UK. On the succinct yet informative website set up to spread awareness of BadRAM, the team highlights how ‘rogue memory’ is a security threat that has been largely ignored, at least by AMD.

To help explain the BadRAM attack and what it can do, the researchers have provided an infographic and an example video.

Put your Raspberry Pi Pico, DDR socket and 9V battery away – AMD has issued a patch

AMD has now issued firmware updates to cloud providers so systems will securely validate memory modules and configurations during boot. BadRAM can't be bad on these updated systems.

It should also be mentioned that the equivalent Trusted Execution Environments (TEEs) like Intel SGX and Arm CCA already have countermeasures against attacks like BadRAM in place, so no patching has been required to fortify their security.

Mark Tyson
News Editor

Mark Tyson is a news editor at Tom's Hardware. He enjoys covering the full breadth of PC tech; from business and semiconductor design to products approaching the edge of reason.

  • abufrejoval
    I can't help thinking that none of this broad attention on security issues would have happened without Edward Snowden and his disclosures!

    Thanks Ed!

    Wish you could come home!
  • DS426
    Incredibly difficult attack to pull off; when physical security fails, ALL security fails. One of the Ten Immutable Laws of Security. Nevertheless, great that AMD has already released an update to fix this by validating memory modules. After all, expectations are high on confidential computing platforms, rightly so.
  • Notton
    so long as the patch doesn't cause performance issues, sure...

    but this level of direct physical attack is ridiculous. ludicrous even.
    Like, what's next? a patch against a raspi5, soldering iron, and paper clips?
  • Kamen Rider Blade
    Once "Physical Security" has been compromised with your machine, all bets are off.
  • NinoPino
    DS426 said:
    Incredibly difficult attack to pull off; when physical security fails, ALL security fails. One of the Ten Immutable Laws of Security. Nevertheless, great that AMD has already released an update to fix this by validating memory modules. After all, expectations are high on confidential computing platforms, rightly so.

    Notton said:
    so long as the patch doesn't cause performance issues, sure...

    but this level of direct physical attack is ridiculous. ludicrous even.
    Like, what's next? a patch against a raspi5, soldering iron, and paper clips?

    Kamen Rider Blade said:
    Once "Physical Security" has been compromised with your machine, all bets are off.
    Agree with all of you, but memory encryption is specifically aimed at also preventing this type of attack. So it is absolutely due that AMD and all the security-related actors take this type of vulnerability with maximum priority.
  • Kamen Rider Blade
    NinoPino said:
    Agree with all of you, but memory encryption is specifically aimed at also preventing this type of attack. So it is absolutely due that AMD and all the security-related actors take this type of vulnerability with maximum priority.
    Ergo, AMD releasing the security patches.
  • Findecanor
    State actors have been able to pull off physical security attacks by intercepting shipments and putting their own stuff in them. Or sometimes cooperated with the actual manufacturer.

    Just because an attack is unlikely is by itself no reason not to have safeguards against it.
    Proper risk analysis takes into account both the attack's likelihood and amount of damage it could cause.
  • hotaru251
    DS426 said:
    Incredibly difficult attack to pull off; when physical security fails, ALL security fails.
    this.
    If the criminal actor has access to the actual server you are pretty much boned anyways.
  • artk2219
    Findecanor said:
    State actors have been able to pull off physical security attacks by intercepting shipments and putting their own stuff in them. Or sometimes cooperated with the actual manufacturer.

    Just because an attack is unlikely is by itself no reason not to have safeguards against it.
    Proper risk analysis takes into account both the attack's likelihood and amount of damage it could cause.
    That's what I was thinking of: if you have access to the shipment or are the "supplier", you can ship whatever you want, then your target will take care of installing or using it themselves. Israel's recent beeper, burner phone, and walkie-talkie, let's call them "special operations", come to mind. There is no reason a near peer couldn't do the same, only instead of commo equipment with a loud report, it's compromised computer hardware.