A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution.

This new attack exploits flaws in AMD's Secure Encrypted Virtualization-Encrypted State (SEV-ES) and Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) technologies, which are designed to protect against malicious hypervisors and reduce the attack surface of VMs by encrypting VM data and blocking attempts to alter it in any way.

 

The underlying vulnerability (CVE-2023-20592) was discovered by security researchers with the CISPA Helmholtz Center for Information Security and Graz University of Technology, together with independent researcher Youheng Lue.