AMD issues fixes for ‘RMPocalypse’ flaw that can break SEV‑SNP protections

Chipmaker AMD has released fixes for a vulnerability researchers have dubbed RMPocalypse that can undermine the confidentiality and integrity guarantees of Secure Encrypted Virtualization with Secure Nested Paging (SEV‑SNP). The attack was described by ETH Zürich researchers Benedict Schlüter and Shweta Shinde, who detail the method on their page for the attack.

The researchers say the flaw targets the Reverse Map Paging (RMP) table, a system structure that maps system physical addresses to guest physical addresses. AMD’s own specification documentation describes the RMP as a single, system‑wide table holding security attributes for DRAM pages that the hypervisor and firmware manage.

According to ETH Zürich, RMPocalypse exploits a memory management weakness that can occur when the Platform Security Processor (PSP) initializes the RMP, leaving the table insufficiently protected as SEV‑SNP is started. ETH Zürich said the gap could let an attacker bypass protections, enable hidden functions such as debug mode, forge attestation checks, perform replay attacks and inject foreign code.

AMD assigned the issue CVE‑2025‑0033 and in an advisory noted the vulnerability can arise from a race condition while the AMD Secure Processor is initializing the RMP. AMD said the flaw could allow a malicious hypervisor to manipulate initial RMP contents and result in loss of SEV‑SNP guest memory integrity. The company listed affected processors including EPYC 7003, 8004, 9004 and 9005 series and several EPYC embedded variants, and said fixes are planned or released for affected platforms.
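For fleet triage against the affected-series list above, the following added example (not taken from AMD's advisory or the researchers' material) classifies the `model name` strings found in `/proc/cpuinfo`. It assumes the EPYC series can be read from the first and last digit of the model number, and it flags embedded parts for a manual check because the article does not enumerate them. A match means the part belongs to a listed family, not that it is still unpatched.

```python
import re

# Series the article lists as affected by CVE-2025-0033.
# Assumption of this example: the first and last digit of the model
# number identify the series (e.g. 9654 -> 9xx4 -> EPYC 9004).
AFFECTED = {("7", "3"): "EPYC 7003", ("8", "4"): "EPYC 8004",
            ("9", "4"): "EPYC 9004", ("9", "5"): "EPYC 9005"}
# Third position may be 'F' (e.g. 75F3); up to two suffix letters (P, X, PN).
MODEL_RE = re.compile(r"EPYC\s+(\d)\d[\dF](\d)[A-Z]{0,2}\b")

def classify(model_name):
    """Return the affected series, 'embedded-check-advisory', or None."""
    if "EPYC" not in model_name:
        return None
    if "Embedded" in model_name:
        # The article names no specific embedded parts: defer to the advisory.
        return "embedded-check-advisory"
    m = MODEL_RE.search(model_name)
    return AFFECTED.get((m.group(1), m.group(2))) if m else None

def triage(cpuinfo_text):
    """Map each distinct 'model name' value in cpuinfo text to its class."""
    result = {}
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "model name":
            result[value.strip()] = classify(value.strip())
    return result

# Constructed sample, used when /proc/cpuinfo is not available.
SAMPLE = """\
processor\t: 0
model name\t: AMD EPYC 9654 96-Core Processor
processor\t: 1
model name\t: AMD EPYC 9654 96-Core Processor
"""

if __name__ == "__main__":
    try:
        with open("/proc/cpuinfo") as f:
            text = f.read()
    except OSError:
        text = SAMPLE
    for model, series in triage(text).items():
        status = f"in affected family {series}" if series else "not in listed families"
        print(f"{model}: {status}")
```

Hosts flagged here still need their BIOS and firmware level compared against the vendor's guidance for CVE‑2025‑0033.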

Microsoft and Supermicro have acknowledged CVE‑2025‑0033. Microsoft told customers it is working to remediate the issue in Azure Confidential Computing clusters using AMD‑based nodes, and Supermicro said impacted motherboard SKUs require BIOS updates; both companies provided guidance publicly on their sites for affected users and administrators.

The ETH Zürich team said the design of the RMP means a single eight‑byte overwrite during initialization can compromise the entire table. The researchers reported that a compromised RMP would void SEV‑SNP integrity guarantees and, in their case studies, allow arbitrary tampering with confidential virtual machines and exfiltration of secrets with a high success rate.

The report noted the disclosure comes weeks after academics demonstrated a separate cloud processor weakness called Battering RAM.