New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs
These articles are AI-generated summaries. Please check the original sources for full details.
Researchers at the CISPA Helmholtz Center for Information Security discovered StackWarp, a flaw in AMD Zen 1–5 CPUs that lets an attacker who already controls the host (the hypervisor) execute code inside a guest protected by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). AMD tracks the issue as CVE-2025-29943, an improper access control bug rated medium severity with a CVSS v4 score of 4.6.
Why This Matters
SEV-SNP's threat model treats the hypervisor as untrusted: a guest's memory is supposed to stay confidential and intact even when the host is malicious. StackWarp shows that a microarchitectural optimization can be abused from the host to break that guarantee. The risk is not theoretical: fault attacks of this class can recover an RSA-2048 private key from a single faulty signature (for RSA-CRT implementations, the well-known Bellcore fault attack: the signature is correct modulo one prime only, and a gcd with the modulus reveals that prime), compromising any guest workload that relies on the key for encryption or authentication and raising the potential damage of a cloud breach or data exfiltration.
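The single-faulty-signature claim above is the Bellcore fault attack on RSA-CRT signing (Lenstra's variant, which needs only the faulty signature and the signed message representative). The Python below is an added example, not the researchers' code and not from the original article: it simulates the fault in software by flipping one bit of the mod-p half of a CRT signature, recovers the factor q with a single gcd, rebuilds the private exponent, and shows the standard countermeasure (verify before release). The key sizes, the hash-based message encoding, and the bit-flip fault model are assumptions for illustration; a real StackWarp fault would be induced by the malicious host, not by this code.

```python
# Bellcore/Lenstra fault attack on RSA-CRT: one faulty signature leaks a prime factor.
# Added example (not the researchers' code). The fault is simulated in software.
import hashlib
import secrets
from math import gcd

# Small odd primes for a cheap trial-division sieve ahead of Miller-Rabin.
_SMALL_PRIMES = [p for p in range(3, 1000, 2)
                 if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with `rounds` random bases (error < 4^-rounds)."""
    if n in (2, 3):
        return True
    if n < 2 or n % 2 == 0:
        return False
    for p in _SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random prime with the top two bits set, so p*q has exactly 2*bits bits."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | (1 << (bits - 2)) | 1
        if is_probable_prime(cand):
            return cand


def generate_rsa(bits: int = 2048, e: int = 65537) -> dict:
    """RSA key with the CRT parameters a real signer would precompute."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        if p != q and gcd(e, (p - 1) * (q - 1)) == 1:
            break
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def encode_message(msg: bytes, n: int) -> int:
    """Deterministic full-domain-hash style representative in [0, n).
    Assumption: the attacker knows it, as with any standard padding scheme."""
    k = (n.bit_length() + 7) // 8
    out, counter = b"", 0
    while len(out) < k:
        out += hashlib.sha256(msg + counter.to_bytes(4, "big")).digest()
        counter += 1
    return int.from_bytes(out[:k], "big") % n


def sign_crt(key: dict, m: int, fault_in_p: bool = False) -> int:
    """RSA-CRT signing with Garner recombination. With fault_in_p, one bit of the
    mod-p partial result is flipped, simulating a glitch in that half of the computation."""
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    if fault_in_p:
        sp ^= 1 << secrets.randbelow(key["p"].bit_length() - 1)
    h = (key["qinv"] * (sp - sq)) % key["p"]
    return sq + h * key["q"]  # s = sp mod p, s = sq mod q


def recover_factor(n: int, e: int, m: int, faulty_sig: int):
    """Lenstra's variant: s'^e == m (mod q) still holds but fails mod p,
    so gcd(s'^e - m, n) == q. Returns None for a correct signature."""
    g = gcd((pow(faulty_sig, e, n) - m) % n, n)
    return g if 1 < g < n else None


def private_exponent_from_factor(n: int, e: int, factor: int) -> int:
    """One prime factor is the whole private key: rebuild d from phi(n)."""
    return pow(e, -1, (factor - 1) * (n // factor - 1))


def sign_crt_checked(key: dict, m: int, fault_in_p: bool = False) -> int:
    """Countermeasure: never release a signature that fails s^e == m (mod n)."""
    s = sign_crt(key, m, fault_in_p)
    if pow(s, key["e"], key["n"]) != m:
        raise RuntimeError("signature failed self-check; withheld")
    return s


if __name__ == "__main__":
    key = generate_rsa(2048)
    m = encode_message(b"constructed sample message", key["n"])  # constructed input
    bad = sign_crt(key, m, fault_in_p=True)
    q = recover_factor(key["n"], key["e"], m, bad)
    print("recovered factor is q:", q == key["q"])
    print("private exponent rebuilt:", private_exponent_from_factor(key["n"], key["e"], q) == key["d"])
```

Because x -> x^e is a bijection modulo p whenever gcd(e, p-1) = 1, any corruption of the mod-p half guarantees s'^e != m (mod p) while the mod-q congruence survives, so a single faulty signature suffices with no need for a correct reference signature. The self-check in `sign_crt_checked` is the minimal mitigation a signer inside a Confidential VM should already have; it does not address the underlying hardware flaw.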
Key Insights
- StackWarp leverages a control bit: The researchers identified an undocumented control bit that the hypervisor can set, and that lets it tamper with the guest VM's stack pointer.
- Microarchitectural attack, not a software bug: Like its predecessor CacheWarp (CVE-2023-20592), StackWarp bypasses SEV-SNP's memory protections by manipulating the CPU's microarchitectural state rather than exploiting a vulnerability in the guest's software.
- Interim mitigation is disabling SMT: As a temporary workaround, the researchers recommend disabling simultaneous multithreading (hyperthreading) for Confidential VMs with stringent security requirements.
Practical Applications
- Cloud Providers: Operators running Confidential VMs on AMD EPYC CPUs need to deploy AMD's microcode and firmware updates to protect customer VMs, and should weigh the interim SMT workaround for their most sensitive tenants.
- Pitfall: Treating memory encryption as a complete defense, without accounting for microarchitectural attacks from a malicious host, creates a false sense of security and can expose sensitive data.