Olivia
Online
Ruiyi Zhang
@Rayiizzz
Microarchitectural Security | PhD Candidate at CISPA | Ex Research Intern @Google | #StackWarp #CacheWarp
Joined August 2019
225 Following
557 Followers
103 Posts
Pinned Tweet
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
After an embargo of 256 days, I'm happy to reveal our newest work: we present TREVEX, a black-box CPU fuzzer that detects transient execution vulnerabilities in an automated manner. Running TREVEX on AMD, Intel, and Zhaoxin CPUs discovered multiple new CPU vulnerabilities!
Private AI in Confidential VMs isn't as private as we thought. 🤯
We just showed how to reconstruct user LLM prompts word-for-word from inside an encrypted Intel TDX enclave—without breaking any cryptography.
Introducing TDXRay (IEEE S&P 2026): https://t.co/rZIcJG76pI
(1/4)
@CPUGenius11 yes, a microcode update
Who to follow
Daniel Weber
@weber_daniel
Microarchitectural Security | PhD Student @cispa | Stealing Flags for @saarsec
Soheil Khodayari
@Soheil__K
Security Researcher @CrowdStrike, Web, Program Analysis | Past: CISPA @IMDEA_Software.
Andreas Kogler
@0xhilbert
Security Researcher | Informatics PhD | Alumni @tugraz | Pwnie Award 2022 | BlackHat Speaker | Power Analysis | Fault Attacks | μ-Architectural Attacks
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
@robertomasymas @weber_daniel @fth0mas @misc0110 I’m leaning toward it being an implementation bug. Regardless, it’s patched now, and CVMs are more secure.
@JustWantToQ1 That's correct. As I noted in the quote, while the bug exists on Zen 1-5, it only becomes a security vulnerability for confidential VMs.
If an SMT sibling disables it, the RSP delta becomes 'frozen' and is only released to a future execution context when the bit is toggled again.
While the underlying bug exists across Zen 1-5, it only poses a security risk in specific scenarios, like within confidential computing.
To clear up some confusion: the root cause lies in the stack engine, a CPU frontend optimization that manages the Stack Pointer (RSP) to reduce backend overhead.
We discovered that an undocumented MSR bit acts as a toggle for this optimization. (1/2)
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
New StackWarp Attack Threatens Confidential VMs on AMD Processors https://t.co/xGxCpeVcN5
@offby1security Sounds awesome, would love to!
@Void_The_Null We disclosed this vulnerability to AMD in March 2025 and embargo is over as of today. AMD already released a microcode patch to mitigate it :)
Blogpost: https://t.co/249QfTR8EQ
For more details on the discovery process and our findings, we refer to our research paper, which is published at USENIX Security 2026.
paper: https://t.co/Z8ozxKUqIv
github: https://t.co/9guHTl8lDu
\cc Tristan Hornetz, @weber_daniel, @fth0mas, @misc0110
The program for uASC'26 is online https://t.co/HKLjyiNEkl We have some very interesting papers which are already available, so be sure to check them out. Better yet, join us in Leuven next month to listen to the authors! Registration is still open and free but seats are limited.
🔓 Heracles @acm_ccs'25: Breaking AMD’s Confidential Computing!
We show that the hypervisor can read and move hardware-encrypted memory on AMD SEV-SNP.
We build a chosen-plaintext oracle to leak kernel memory, auth keys, and cookies from "confidential" VMs
https://t.co/upHXpLqSeA
@lyq_sqsp Congrats!
I am chairing the second edition of the microarchitecture security conference (uASC'26). Paper deadline for the first cycle is July 15. Please spread the word, submit, and/or join us in charming Leuven in February 2026! More info: https://t.co/nAIs7HZ1SS
long embargo, but there is a demo with good music at least: https://t.co/7Gla8DCMla
✅ Write constant-time crypto code
☠️ Compiler introduces timing side-channels
Do Compilers Break Constant-time Guarantees?
https://t.co/x0f0GCmcjC
TL;DR: Yes!🥲
👏👏👏Great work @misc0110 & team!
https://t.co/JE68XbHamM
Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers