CacheWarp: Software-based Fault Injection Using Selective State Reset

Learn about a groundbreaking security research presentation from USENIX Security '24 that introduces CacheWarp, a novel software-based fault attack targeting AMD SEV-ES and SEV-SNP trusted execution environments. Explore how researchers from CISPA Helmholtz Center for Information Security and Graz University of Technology discovered a vulnerability allowing attackers to revert modified cache lines in guest virtual machines to previous states, effectively bypassing AMD's security measures. Examine three practical case studies demonstrating successful attacks: recovering RSA private keys from Intel IPP crypto library, unauthorized OpenSSH server access, and privilege escalation through sudo binary manipulation. Understand why this vulnerability poses significant challenges for hardware-level mitigations, as it exploits fundamental architectural features of AMD's secure virtualization technology.