tldr: The Host can trigger cache invalidations (without write back) in SEV-protected guests. Certainly an interesting oversight, easily fixed in microcode.
It is really interesting and stupid to inform about vulnerabilities because if some competent hacker dont know about it now it does :D
CacheWarp was discovered earlier this year and AMD was informed in APRIL.
The researchers gave AMD 8 months to come up with a patch before publication.
You can’t blame the researchers for publishing their work, they gave AMD plenty of time to address it.
Security through obscurity is usually a terrible idea. Almost all the time it gets published BECAUSE there’s a high likelihood of it being found out pretty soon, something is already in the wild, OR it was patched long ago.
We prioritize patching against anything actively exploited which usually happens BEFORE patches even get written.
I thought they only did that after the fix…
Companies are informed before the public, they are then given a period of time before the public release of the info in order to fix it. This is how its worked for quite a while now.
Hiding the information does nothing, someone out there is possibly already using the attack anyway and making it public forces the company to act instead of sweeping the problem away.
(Though AMD likes to make the fixes optional when they do get around to it anyway but details.)