Black Hat Europe 2025 | RMPocalypse: A Catch-22 Breaking AMDs Confidential Computing

AMD SEV-SNP offers confidential computing in form of confidential VMs, such that the untrusted hypervisor cannot tamper with its confidentiality and integrity. SEV-SNP, the latest addition, ensures integrity via the Reverse Map Table (RMP) that stops the hypervisor from tampering guest page mappings. AMD uses RMP entries to protect the rest of the RMP, thus causing a Catch-22 during the RMP setup phase. To address this, SEV-SNP relies on AMD's Platform Security Processor (PSP), that resides next to the x86 cores executing SEV-SNP VMs, to perform the RMP initialization. We present RMPocalypse, a novel attack that shows insufficiency during RMP initialization and exploits it to break not only integrity but also confidentiality guarantees of SEV-SNP. We demonstrate RMPocalypse by enabling debug on production-mode CVMs, faking attestation, VMSA state rollback, and code injection By: Benedict Markus Schlüter | PhD Student, ETH Zurich

Join Today
16 Bit im Jahr 1979: Warum war dieser Computer so langsam?
▶︎

16 Bit im Jahr 1979: Warum war dieser Computer so langsam?

Co-Creator of Haskell: Functional Programming, Thinking in Types, Useless Languages | Simon Jones
▶︎

Co-Creator of Haskell: Functional Programming, Thinking in Types, Useless Languages | Simon Jones

Black Hat Europe 2025 | Low-Cost Memory Interposer Attacks On Confidential Computing
▶︎

Black Hat Europe 2025 | Low-Cost Memory Interposer Attacks On Confidential Computing

Black Hat Europe | LINE-Break: Cryptanalysis And Reverse Engineering Of Letter Sealing
▶︎

Black Hat Europe | LINE-Break: Cryptanalysis And Reverse Engineering Of Letter Sealing

Black Hat Europe 2025 | Pickle Exploitation Techniques And Their Detection Using SaferPickle
▶︎

Black Hat Europe 2025 | Pickle Exploitation Techniques And Their Detection Using SaferPickle

A New Gaming GPU Challenger: Bolt Graphics Takes Aim at NVIDIA
▶︎

A New Gaming GPU Challenger: Bolt Graphics Takes Aim at NVIDIA

Using Large Language Models | Build Your Own LLM Workshop #1
▶︎

Using Large Language Models | Build Your Own LLM Workshop #1

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026
▶︎

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker
▶︎

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker

Reinventing Entropy | Compression is Intelligence Part 1
▶︎

Reinventing Entropy | Compression is Intelligence Part 1

Vladan Nikolić: Car hacking for intermediate beginners
▶︎

Vladan Nikolić: Car hacking for intermediate beginners

Stop zero days without a patch: You need to learn eBPF
▶︎

Stop zero days without a patch: You need to learn eBPF

Android 17 sucks. So I put Linux on a phone.
▶︎

Android 17 sucks. So I put Linux on a phone.

Black Hat Europe 2025 | Hacking Smart Cities One Building At A Time - A City Of A Thousand Zero Days
▶︎

Black Hat Europe 2025 | Hacking Smart Cities One Building At A Time - A City Of A Thousand Zero Days

CLAUDE CODE ADVANCED FULL COURSE (3 HOURS)
▶︎

CLAUDE CODE ADVANCED FULL COURSE (3 HOURS)

The Shocking Reason Why Keir Starmer Has Resigned: Top Economist
▶︎

The Shocking Reason Why Keir Starmer Has Resigned: Top Economist

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Is the AfD a threat to Germany? Mehdi Hasan & Maximilian Krah | Head to Head
▶︎

Is the AfD a threat to Germany? Mehdi Hasan & Maximilian Krah | Head to Head

The World's Most Important Machine
▶︎

The World's Most Important Machine

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup
▶︎

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup