New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

Posted on January 19, 2026 by CWS

Ravie LakshmananJan 19, 2026Hardware Safety / Vulnerability
A staff of teachers from the CISPA Helmholtz Middle for Data Safety in Germany has disclosed the main points of a brand new {hardware} vulnerability affecting AMD processors.
The safety flaw, codenamed StackWarp, can permit dangerous actors with privileged management over a bunch server to run malicious code inside confidential digital machines (CVMs), undermining the integrity ensures supplied by AMD Safe Encrypted Virtualization with Safe Nested Paging (SEV-SNP). It impacts AMD Zen 1 via Zen 5 processors.
“Within the context of SEV-SNP, this flaw permits malicious VM [virtual machine] hosts to govern the visitor VM’s stack pointer,” researchers Ruiyi Zhang, Tristan Hornetz, Daniel Weber, Fabian Thomas, and Michael Schwarz mentioned. “This permits hijacking of each management and knowledge stream, permitting an attacker to realize distant code execution and privilege escalation inside a confidential VM.”

AMD, which is tracking the vulnerability as CVE-2025-29943 (CVSS v4 score: 4.6), characterized it as a medium-severity, improper access control bug that could allow an admin-privileged attacker to alter the configuration of the CPU pipeline, causing the stack pointer to be corrupted inside an SEV-SNP guest.
The issue affects the following product lines:

  • AMD EPYC 7003 Series Processors
  • AMD EPYC 8004 Series Processors
  • AMD EPYC 9004 Series Processors
  • AMD EPYC 9005 Series Processors
  • AMD EPYC Embedded 7003 Series Processors
  • AMD EPYC Embedded 8004 Series Processors
  • AMD EPYC Embedded 9004 Series Processors
  • AMD EPYC Embedded 9005 Series Processors

While SEV is designed to encrypt the memory of protected VMs and is intended to isolate them from the underlying hypervisor, the new findings from CISPA show that the safeguard can be bypassed without reading the VM’s plaintext memory by instead targeting a microarchitectural optimization called the stack engine, responsible for accelerated stack operations.

“The vulnerability can be exploited via a previously undocumented control bit on the hypervisor side,” Zhang said in a statement shared with The Hacker News. “An attacker running a hyperthread in parallel with the target VM can use this to manipulate the position of the stack pointer inside the protected VM.”
This, in turn, enables redirection of program flow or manipulation of sensitive data. The StackWarp attack can be used to expose secrets from SEV-secured environments and compromise VMs hosted on AMD-powered cloud environments. Specifically, it can be exploited to recover an RSA-2048 private key from a single faulty signature, effectively getting around OpenSSH password authentication and sudo’s password prompt, and attain kernel-mode code execution in a VM.

The chipmaker released microcode updates for the vulnerability in July and October 2025, with AGESA patches for EPYC Embedded 8004 and 9004 Series Processors scheduled for release in April 2026.
The development builds upon a prior study from CISPA that detailed CacheWarp (CVE-2023-20592, CVSS v3 score: 6.5), a software fault attack on AMD SEV-SNP, which permits attackers to hijack control flow, break into encrypted VMs, and perform privilege escalation inside the VM. It’s worth noting that both are hardware architectural attacks.
“For operators of SEV-SNP hosts, there are concrete steps to take: First, check whether hyperthreading is enabled on the affected systems. If it is, plan a temporary disablement for CVMs that have particularly high integrity requirements,” Zhang said. “At the same time, any available microcode and firmware updates from the hardware vendors should be installed. StackWarp is another example of how subtle microarchitectural effects can undermine system-level security guarantees.”
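
The host-side checks from Zhang's advice, as an added shell example that is not part of the original article: it reports SMT (hyperthreading) state, whether KVM's SEV-SNP support is enabled, and the loaded microcode revision. The sysfs and procfs paths are standard Linux interfaces that the article does not name (the `sev_snp` parameter is assumed to exist only on kernels with SNP host support), and the patched microcode revision is not given on this page, so the script reports the revision without judging it.

```sh
#!/bin/sh
# Added example (not from the article). Each function takes an optional root
# prefix so it can run against a copied or constructed tree; empty = live host.
# Usage on a host: stackwarp_audit

read_first() {      # first line of a file, or "unknown" if unreadable
    if [ -r "$1" ]; then head -n 1 "$1"; else echo unknown; fi
}

smt_state() {       # on | off | unknown
    case "$(read_first "${1:-}/sys/devices/system/cpu/smt/active")" in
        1) echo on ;;
        0) echo off ;;
        *) echo unknown ;;
    esac
}

snp_state() {       # kvm_amd bool parameter; assumed absent on older kernels
    case "$(read_first "${1:-}/sys/module/kvm_amd/parameters/sev_snp")" in
        Y|1) echo enabled ;;
        N|0) echo disabled ;;
        *) echo unknown ;;
    esac
}

microcode_rev() {   # revision reported for the first logical CPU
    f="${1:-}/proc/cpuinfo"
    [ -r "$f" ] || { echo unknown; return 0; }
    rev=$(awk -F': *' '/^microcode/ { print $2; exit }' "$f")
    echo "${rev:-unknown}"
}

stackwarp_audit() { # returns 0 when no SMT exposure is found, 1 when review is needed
    smt=$(smt_state "${1:-}")
    snp=$(snp_state "${1:-}")
    rev=$(microcode_rev "${1:-}")
    echo "smt=$smt sev_snp=$snp microcode=$rev"
    if [ "$smt" = off ] || [ "$snp" = disabled ]; then
        echo "OK: SMT is off or SEV-SNP is disabled on this host;" \
             "still compare the microcode revision with the vendor advisory"
        return 0
    fi
    echo "REVIEW: SMT is not confirmed off on a host that may run SEV-SNP guests;" \
         "plan SMT disablement for high-integrity CVMs and apply microcode updates"
    return 1
}
```

An unknown SMT or SEV-SNP state is treated as needing review rather than as safe, so a host with an older kernel or an unreadable sysfs is not silently passed.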
