"Confidential VMs Hacked via New Ahoi Attacks"

A team of researchers from ETH Zurich detailed a new type of attack that can compromise Confidential Virtual Machines (CVMs). They presented two variations of what they refer to as "Ahoi attacks." One of them, called "Heckler," involves a malicious hypervisor injecting interrupts to change data and control flow, which compromises CVMs' integrity and confidentiality. The attack targets hardware-based Trusted Execution Environments (TEEs), specifically those that use AMD's Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) and Intel's Trust Domain Extensions (TDX) technologies, both of which can be used in cloud platforms. This article continues to discuss the new Ahoi attacks. 

SecurityWeek reports "Confidential VMs Hacked via New Ahoi Attacks"

Submitted by grigby1

Submitted by Gregory Rigby on