New CVE-2025-29943: StackWarp shows AMD SEV-SNP CVMs on Zen1–5 can have their stack pointer warped cross-hyperthread via an undocumented MSR, enabling RSA key theft and auth bypass even on fully patched Zen 5; mitigation today is disabling SMT and deploying AMD’s microcode fixes.
AMD SEV-SNP CVMs on Zen1–5 can have their stack pointer warped
Edward Kiledjian
@ekiledjian