Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP

fabricked-attack.github.io

Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP

fabricked-attack.github.io

digicatM to

blueteamsecEnglish · 4 days ago

Confidential computing allows cloud tenants to offload sensitive computations and data to remote resources without needing to trust the cloud service provider. Hardware-based trusted execution environments, like AMD SEV-SNP, achieve this by creating Confidential Virtual Machines (CVMs). With Fabricked, we present a novel software-based attack that manipulates memory routing to compromise AMD SEV-SNP. By redirecting memory transactions, a malicious hypervisor can deceive the secure co-processor (PSP) into improperly initializing SEV-SNP. This enables the attacker to perform arbitrary read and write access within the CVM address space, thus breaking SEV-SNP core security guarantees.

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

11 users / day
131 users / week
336 users / month
1.02K users / 6 months
231 local subscribers
689 subscribers
3.11K Posts
240 Comments
Modlog

mods:
digicat