Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP
A new attack method called Fabricked has been introduced, which compromises AMD's SEV-SNP technology used for confidential computing. By misconfiguring the Infinity Fabric, attackers can manipulate memory transactions and deceive the secure co-processor, leading to unauthorized access within Confidential Virtual Machines. This vulnerability highlights significant flaws in the initialization process of SEV-SNP, allowing malicious hypervisors to bypass security measures.
- ▪Fabricked is a software-based attack that targets AMD's SEV-SNP by manipulating memory routing.
- ▪The attack allows a malicious hypervisor to deceive the secure co-processor into improperly initializing SEV-SNP.
- ▪This results in arbitrary read and write access within the Confidential Virtual Machine address space, undermining core security guarantees.
Opening excerpt (first ~120 words) tap to expand
On this pageSummaryWhat is AMD SEV-SNP?What is the Infinity Fabric?Fabricked OverviewWhat went wrong?Attack ComplexityAffected HardwareFAQAuthorsResponsible DisclosureCVE & AMD ResponseCitationFabrickedMisconfiguring Infinity Fabric to Break AMD SEV-SNP(USENIX Security 2026)PaperSourceCitationSummary#Confidential computing allows cloud tenants to offload sensitive computations and data to remote resources without needing to trust the cloud service provider. Hardware-based trusted execution environments, like AMD SEV-SNP, achieve this by creating Confidential Virtual Machines (CVMs). With Fabricked, we present a novel software-based attack that manipulates memory routing to compromise AMD SEV-SNP.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at XCA.
Discussion
0 commentsMore from XCA
