RMPocalypse Vulnerability Compromises AMD SEV-SNP Security

AMD has released fixes for the RMPocalypse vulnerability, which can be used to undermine the security of confidential computing provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) technology.

According to experts from the Swiss Federal Institute of Technology in Zurich (ETH Zurich) who discovered the issue, their attack makes it possible to perform a single write to the Reverse Map Table (RMP), a data structure that stores security metadata for all DRAM pages in the system.

According to the AMD documentation, the RMP is a structure located in DRAM that maps system physical addresses (sPA) to guest physical addresses (gPA). There is only one such table in the system, configured via x86 model-specific registers (MSRs). The RMP table also stores various security attributes for each page, which are managed by the hypervisor via hardware mechanisms and firmware.

The RMP is initialized by the Platform Security Processor (PSP), which is critically important for supporting SEV-SNP. The RMPocalypse vulnerability exploits a memory management bug during this initialization phase, allowing an attacker to access confidential data by bypassing SEV-SNP protections that are supposed to guarantee integrity and confidentiality.

The researchers explain that the crux of the problem lies in the lack of sufficient protection for the protection mechanism itself: the RMP table is not fully secured when a virtual machine is launched, which effectively opens the door to RMP corruption.

“This vulnerability allows a remote attacker to bypass certain protection features and manipulate the virtual machine environment that is supposed to be securely isolated,” the experts explain. “The vulnerability can be used to activate hidden features (for example, debug mode), forge security checks (attestation forgery), roll back to previous states (replay attack), and even inject third-party code.”

According to the researchers, successful exploitation of RMPocalypse allows an attacker to arbitrarily interfere with the operation of confidential virtual machines and extract sensitive data.

AMD has assigned this issue the identifier CVE-2025-0033 and rated it 5.9 on the CVSS scale. The vendor describes it as a race condition that can occur while the embedded AMD Secure Processor (ASP or PSP) initializes the Reverse Map Table (RMP). This creates conditions under which a malicious hypervisor can modify the RMP during initialization, leading to a loss of integrity of SEV-SNP guest memory.

The following processors are reported to be affected by the vulnerability:

  • AMD EPYC 7003 series;
  • AMD EPYC 8004 series;
  • AMD EPYC 9004 series;
  • AMD EPYC 9005 series;
  • AMD EPYC Embedded 7003 (fix planned for November 2025);
  • AMD EPYC Embedded 8004;
  • AMD EPYC Embedded 9004;
  • AMD EPYC Embedded 9005 (fix planned for November 2025).

Microsoft and Supermicro have also confirmed the CVE-2025-0033 vulnerability. Microsoft reports that it is working to remediate the issue in AMD-based Azure Confidential Computing (ACC) clusters, while Supermicro stated that affected motherboard models will require a BIOS update.
