Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

AMD SEV-SNP RMP initialization race condition remote code execution flaw (CVE-2025-0033)

Vulnerability
First reported
Last updated
Happening score
H score 2
2 unique sources, 2 articles

Summary

Hide ▲

CVE-2025-0033 exposes a race condition in AMD SEV-SNP RMP initialization that can let a malicious hypervisor corrupt protected memory mappings and break guest confidentiality and integrity. The flaw affects EPYC and EPYC Embedded processors, with testing on Zen 3, Zen 4, and Zen 5 systems showing the attack can overwrite pages during setup. AMD sent patches to OEMs for BIOS updates, and Microsoft is updating Azure Confidential Computing AMD-based clusters.

Related Happenings

GPUBreach GPU Rowhammer research enables GDDR6 page-table corruption and privilege escalation

Technical Analysis
First: 07.04.2026 00:44 Last: 07.04.2026 00:44 Sources 1

About this happening: **GPUBreach** research shows **Rowhammer** bit flips in **GDDR6** can corrupt **GPU page tables**, creating a path to **arbitrary GPU memory read/write** and potential **full syst...

Open Happening

Microsoft BitLocker hardware-accelerated rollout in Windows 11

Security Tool/Service
First: 23.12.2025 22:03 Last: 23.12.2025 22:03 Sources 1

About this happening: Microsoft is rolling out **hardware-accelerated BitLocker** in **Windows 11**, improving **encryption performance** and **key protection** on supported devices. The new mode offlo...

Open Happening

Battering RAM interposer attack breaks Intel SGX and AMD SEV-SNP confidential computing

Technical Analysis
First: 01.10.2025 17:54 Last: 01.10.2025 17:54 Sources 1

About this happening: Researchers demonstrated **Battering RAM**, a **$50** interposer attack that can bypass **Intel SGX** and **AMD SEV-SNP**, undermining confidential-computing protections for cloud...

Open Happening

Timeline

  1. 14.10.2025 13:52 2 articles · 7mo ago

    AMD and Microsoft begin fixes for CVE-2025-0033

    Mitigation Patch Update

    AMD said its EPYC and EPYC Embedded series processors are affected by CVE-2025-0033 and sent patches to OEMs for BIOS updates, while Microsoft said it has been working on updates for Azure Confidential Computing AMD-based clusters and will notify customers if resource reboots are required.

    Show sources
    Open in new tab
  2. 14.10.2025 13:52 2 articles · 7mo ago

    ETH Zurich identifies RMPocalypse in AMD SEV-SNP memory management

    Initial Disclosure

    ETH Zurich researchers identified CVE-2025-0033 in AMD Secure Processor (ASP) and SEV-SNP memory management, describing a race condition during Reverse Map Table (RMP) initialization that lets a malicious hypervisor corrupt RMP entries and compromise confidential VM integrity and confidentiality.

    Show sources
    Open in new tab
  3. 14.10.2025 13:52 2 articles · 7mo ago

    ETH Zurich identifies RMPocalypse in AMD SEV-SNP memory management

    Initial Disclosure

    ETH Zurich researchers identified CVE-2025-0033 in AMD Secure Processor (ASP) and SEV-SNP memory management, describing a race condition during Reverse Map Table (RMP) initialization that lets a malicious hypervisor corrupt RMP entries and compromise confidential VM integrity and confidentiality.

    Show sources
    Open in new tab