E-Ink News Daily

Trivially breaking confidential VMs

Researchers have successfully reproduced the BadAML attack, which exploits ACPI tables to achieve arbitrary code execution inside confidential VMs, bypassing memory isolation guarantees. To protect against this vulnerability, the team developed an AML (ACPI Machine Language) sandbox mitigation that restricts bytecode execution to shared memory pages. The attack affects multiple confidential computing platforms that use CVMs, including those based on AMD SEV-SNP and Intel TDX.

Background

Confidential Computing uses Trusted Execution Environments (TEEs) with memory isolation and remote attestation to protect workloads from malicious infrastructure providers. Confidential VMs (CVMs) implement this protection through CPU extensions like AMD SEV-SNP and Intel TDX.

Source: Lobsters
Published: Mar 31, 2026 at 06:04 PM
Score: 8.0 / 10