StackWarp Vulnerability
6 points by jado
6 points by jado
I was confused by the TLDR as it seemed to be saying the the VM host could modify the VM, which I had assumed was a given.
The TLDR skips the important detail: this is for an AMD feature that encrypts the state of the hosted VM such that the host is meant to be unable to manipulate the state of the hosted VM, which seems to be called/marketed as a "confidential VM" .
The bug itself is triggered by an modifying an undocumented msr bit, but the core attack is on the "stack engine" which is basically just an speculative optimization mechanism that simply tracks deltas to the stack pointer, so if you can cause confusion over what deltas should be applied to the stack pointer you can control the change in value of the encrypted stack pointer with out being able to read/write to it directly. From there if you can change the stack pointer in a way that gets you the control flow you want (as an attacker) you can circumvent the confidentiality of the VM.
Also, I am so tired of branded bugs with webpages.
AMD's security bulletin since I didn't see it linked on the site: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3027.html
Only seems to matter for clown deployments.