INTFAIL: Using Spurious #VC Interrupts to Break AMD SEV-SNP
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, Shweta Shinde
IEEE Symposium on Security and Privacy 2024 · Day 3 · Continental Ballroom 5
This talk, "INTFAIL: Using Spurious #VC Interrupts to Break AMD SEV-SNP," delves into a critical vulnerability discovered in **AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)**, the latest and most robust generation of AMD's confidential computing processors. Presented by Supraja Sridhara and Andrin Bertschi, the research exposes how an untrusted cloud hypervisor can exploit a flaw in the #VC interrupt mechanism to compromise the confidentiality and execution integrity of an SEV-SNP protected virtual machine (VM). The core of the attack, dubbed **INTFAIL**, revolves around the hypervisor's ability to inject spurious VMM communication interrupts (#VC interrupts) and manipulate associated metadata, leading to the leakage or alteration of sensitive kernel-level state within the guest VM.
AI review
This research delivers a critical blow to AMD SEV-SNP, demonstrating a novel "In-a-Box" attack (INTFAIL) that allows an untrusted hypervisor to gain full control of confidential VMs. The team's clever exploitation of spurious #VC interrupts and exit reason manipulation provides powerful kernel R/W primitives, leading to root shells and secret exfiltration, utterly compromising SEV-SNP's security guarantees.