Hardware Bug Affects All AMD Zen Processors from 2017 to Present

Hardware Bug Affects All AMD Zen Processors from 2017 to Present

Security researchers from Germany’s CISPA Helmholtz Center for Information Security have disclosed a significant hardware vulnerability affecting all AMD processors from the Zen 1 through Zen 5 architectures, potentially compromising the security of confidential virtual machines used in cloud computing environments.

The vulnerability, dubbed StackWarp, exploits a synchronization flaw in AMD processors’ stack engine, a component designed to optimize stack operations for better performance.

This flaw enables malicious attackers with host-level access to manipulate stack pointers within protected virtual machines, breaking through security barriers that AMD’s Secure Encrypted Virtualization technology was designed to maintain.

How to Prevent Ransomware Infection Risks

Understanding the Threat

StackWarp represents a particularly sophisticated attack vector. Unlike traditional security breaches that attempt to decrypt protected memory, this vulnerability allows attackers to manipulate the execution flow of programs running inside confidential virtual machines without ever accessing the encrypted data directly.

The research team, led by Ruiyi Zhang along with colleagues Tristan Hornetz, Daniel Weber, Fabian Thomas, and Michael Schwarz, demonstrated several alarming capabilities of the attack. In their proof-of-concept demonstrations, they successfully reconstructed RSA-2048 private keys, bypassed OpenSSH password authentication, circumvented sudo password prompts, and achieved kernel-mode code execution within protected virtual machines.

The vulnerability works by exploiting an undocumented control bit in a model-specific register. When an attacker running code on a sibling hyperthread toggles this bit, it creates a “freeze-release” effect on the stack engine. During the freeze period, stack operations like push and pop update memory but withhold changes to the architectural stack pointer. When the engine reactivates, all accumulated changes release simultaneously, allowing the attacker to deterministically manipulate the stack pointer’s position.

Why servers with Linux OS are much more than Windows server?

Who Is Affected?

All AMD processors based on Zen microarchitectures are vulnerable, spanning from the original Zen 1 (released in 2017) through the latest Zen 5 processors. This includes consumer desktop and laptop processors as well as enterprise-grade EPYC server chips used extensively in cloud computing infrastructure.

However, the vulnerability primarily threatens systems running AMD Secure Encrypted Virtualization with Secure Nested Paging, specifically those hosting confidential virtual machines. Traditional virtual machines without SEV-SNP protection are not at risk from this specific attack, as they don’t claim protection against malicious hypervisors in the first place.

The vulnerability is particularly relevant for cloud service providers and organizations processing sensitive data in virtualized environments where hyperthreading is enabled. Systems without hyperthreading enabled are not susceptible to this attack.

Why VPN Security Should Be Every Enterprise’s Top Priority

Is StackWarp Fixable?

Despite being a hardware design flaw, yes, StackWarp can be mitigated through software updates. AMD has responded to the disclosure by releasing microcode patches that address the vulnerability.

According to AMD’s security bulletin, the company was notified of the issue through responsible disclosure practices, giving them time to develop countermeasures before public disclosure. AMD released hot-loadable microcode patches for affected EPYC server processors in July 2025, several months before the public announcement in January 2026.

The company has assigned the vulnerability CVE-2025-29943 and rated it as low severity with a CVSS score of 3.2 out of 10. This relatively low rating reflects the fact that successful exploitation requires an attacker to already have administrative access to the host system, significantly limiting the practical attack scenarios.

Why Linux Doesn’t Need Antivirus Software (But Windows Does)

What AMD Is Doing

AMD’s response to StackWarp follows the company’s established security incident response protocols. The chipmaker has taken several concrete steps to address the vulnerability:

Microcode Patches: AMD has developed and distributed microcode updates that fix the synchronization flaw in the stack engine. These patches have been made available to Original Equipment Manufacturers, Original Design Manufacturers, and motherboard manufacturers for integration into firmware updates.

Platform Initialization Packages: AMD has provided updated Platform Initialization firmware packages to hardware vendors, enabling them to roll out fixes through BIOS and UEFI updates.

Security Bulletin: The company published an official security advisory providing technical details, affected product lists, and mitigation guidance for system administrators and cloud service providers.

Coordination: AMD worked with the research team under coordinated vulnerability disclosure practices, allowing for patch development and distribution before public disclosure.

The Most Windows-Friendly Linux Distributions for General Consumers: A Complete Guide

What Users and Organizations Should Do

For system administrators, cloud providers, and organizations running AMD-based infrastructure, several immediate actions are recommended:

Apply Updates Promptly: Check with your motherboard manufacturer or OEM for BIOS and firmware updates containing AMD’s microcode patches. Install these updates as soon as they become available. Users should visit their hardware manufacturer’s support website to download the latest BIOS updates.

Assess Your Risk: Determine whether your systems run confidential virtual machines using AMD SEV-SNP. If you don’t use this technology, your vulnerability to StackWarp is significantly reduced. Traditional virtual machines and standard computing workloads are not at risk from this specific attack.

Interim Mitigation: For systems that cannot immediately be patched, disabling simultaneous multithreading provides an effective temporary workaround. However, this comes with performance trade-offs that must be weighed against security requirements.

Verify Hyperthreading Status: Check whether hyperthreading is enabled on affected systems. The vulnerability only manifests when hyperthreading is active, so systems with this feature disabled are not susceptible.

Monitor for Updates: Stay informed about new developments and additional patches from AMD and your hardware vendors. The supply chain for firmware updates can be complex, with different vendors releasing updates on different schedules.

Review Cloud Security Posture: Organizations using cloud services should inquire with their providers about StackWarp mitigation status, especially if running workloads that rely on confidential computing guarantees.

What is the best alternative to Microsoft Office?

Broader Implications for Cloud Security

The discovery of StackWarp raises important questions about the security guarantees of confidential computing technologies. AMD’s SEV-SNP was designed specifically to protect virtual machine memory from malicious cloud providers and compromised hypervisors. The fact that this protection can be circumvented through microarchitectural manipulation, without ever decrypting the protected memory, highlights the challenges of securing complex modern processors.

The vulnerability joins a growing list of microarchitectural security issues affecting modern processors, including similar flaws like CacheWarp (discovered by the same research team), Spectre, and Meltdown. These discoveries underscore the reality that hardware security is an ongoing challenge requiring constant vigilance and collaboration between researchers, chipmakers, and the broader security community.

For cloud computing, where multiple tenants share physical hardware, StackWarp demonstrates that the isolation between virtual machines cannot be taken for granted, even with advanced security features enabled. Multi-tenant cloud environments using AMD hardware for confidential workloads must reassess their security assumptions and ensure proper mitigations are in place.

Why Enterprises Must Implement Zero Trust Security?

Looking Forward

The research team’s findings will be presented at USENIX Security 2026, providing the academic and security communities with detailed technical analysis. The full research paper, proof-of-concept code, and demonstration videos are available on the dedicated StackWarp website for those interested in the technical details.

As researcher Ruiyi Zhang noted, the discovery shows how even small microarchitectural details can have significant security implications. The team’s work emphasizes the importance of thorough security analysis of processor designs to ensure that future generations become not only more powerful but also more secure.

While the immediate risk from StackWarp appears limited due to the requirement for host-level access and the availability of patches, the vulnerability serves as a reminder that security in modern computing is a moving target. Continuous research, responsible disclosure, and prompt patching remain essential components of maintaining secure computing environments in an era of increasingly sophisticated hardware and software systems.

Organizations and individuals using AMD processors should prioritize applying available updates and following best practices for system security. The combination of prompt vendor response, available mitigations, and the research community’s responsible disclosure practices demonstrates how the security ecosystem can work effectively to address emerging threats.

Hardware Bug Affects All AMD Zen Processors from 2017 to Present