
"If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vulnerability in AMD CPUs that exposes secrets in its secure virtualization environment. The flaw, dubbed StackWarp, potentially allows a malicious insider who controls a host server to access sensitive data within AMD SEV-SNP guests through attacks designed to recover cryptographic private keys, bypass OpenSSH password authentication, and escalate privileges."
"StackWarp demonstrates yet again that it's difficult to guarantee that virtual computing resources remain isolated from one another on common hardware. It exploits a flaw in the microarchitecture designed to accelerate stack operations. 'The vulnerability can be exploited via a previously undocumented control bit on the hypervisor side,' said CISPA researcher Ruiyi Zhang in a statement provided to The Register."
Researchers at CISPA discovered StackWarp, a microarchitectural flaw in AMD CPUs that affects the SEV-SNP secure virtualization environment. The flaw allows a malicious host or a co-located hyperthread to manipulate a guest VM's stack pointer via a previously undocumented control bit, enabling recovery of cryptographic private keys, bypass of OpenSSH password authentication, and privilege escalation. The attack requires Simultaneous Multithreading (SMT) to be enabled and targets SEV-SNP confidential VMs. AMD was notified, released patches in July 2025, and published a bulletin classifying the issue as low severity. The flaw underscores risks from shared core resources and challenges in guaranteeing VM isolation on common hardware.
Read at The Register