Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP

Researchers have disclosed a new vulnerability called Fabricked that allows a malicious hypervisor to bypass AMD SEV-SNP protections by manipulating Infinity Fabric configurations, potentially exposing VM memory to unauthorized access.

The Fabricked attack exploits a flaw in how the untrusted UEFI firmware configures the Infinity Fabric during system boot. By modifying the UEFI to skip specific configuration steps, an attacker can re-route memory transactions between the CPU cores, the secure co-processor (PSP), and DRAM. This misrouting enables the attacker to interfere with the SEV-SNP initialization process, specifically the setup of the RMP (Restricted Memory Pages), a critical data structure that enforces memory access controls within confidential virtual machines.

During the attack, the hypervisor corrupts the Infinity Fabric routing rules before the PSP performs memory writes during SEV-SNP setup. As a result, the RMP remains uninitialized or insecurely configured, allowing subsequent memory accesses within CVMs to be accessed or tampered with by the attacker. This effectively breaks the core confidentiality guarantees of AMD SEV-SNP, enabling arbitrary read and write operations on protected VM memory.

The vulnerability was confirmed on AMD Zen 5 EPYC processors, with indications that similar issues may affect Zen 3 and Zen 4 systems. AMD has issued firmware updates to address the flaw, and the attack requires both UEFI and hypervisor privileges to execute.

Why It Matters

This vulnerability poses a significant threat to confidential computing environments relying on AMD SEV-SNP, especially in cloud settings where hypervisors and UEFI firmware are potentially untrusted. If exploited, it could allow malicious actors to access or modify sensitive data within virtual machines, undermining data privacy and security assurances that organizations depend on for secure cloud operations.

AMD Ryzen 5 5500 6-Core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler

Can deliver fast 100 plus FPS performance in the world's most popular games, discrete graphics card required

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Background

AMD SEV-SNP is a hardware extension designed to protect virtual machine memory from hypervisor and host attacks, forming a key component of confidential computing strategies. The attack, disclosed at USENIX Security 2026, builds on prior concerns about firmware security and system configuration vulnerabilities. The flaw stems from the fact that the UEFI firmware, which is often untrusted in cloud environments, controls critical configuration steps of the Infinity Fabric, a high-speed interconnect used in AMD’s chiplet architecture. Misconfigurations here can influence how memory transactions are routed, creating attack vectors that were previously unrecognized.

“Fabricked demonstrates that misconfigurations in Infinity Fabric can be exploited to bypass SEV-SNP protections, highlighting the importance of firmware integrity.”

— Research Team

“Firmware updates are available to mitigate this vulnerability on affected AMD processors, and users are advised to apply these patches promptly.”

— AMD Security Advisory

What Remains Unclear

It remains unclear whether similar vulnerabilities exist in other AMD architectures or in systems where the UEFI firmware is trusted. The full scope of affected hardware beyond the confirmed Zen 5 processors is still under investigation, and the long-term security implications of Infinity Fabric misconfigurations are being assessed.

AC Infinity Self-Watering Fabric Pot Base XL, 4-Pack Auto-Irrigation Water Delivery System with Reservoir Meter, Extra Large Elevated Plant Saucers for Indoor Grow Tents, Greenhouses, Outdoor Gardens

Large plant stand features a patented design that delivers water to bigger fabric pots in larger grow spaces.

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

What’s Next

AMD has released firmware updates for Zen 3, Zen 4, and Zen 5 processors to address Fabricked. Researchers and users are expected to analyze the effectiveness of these patches and monitor for any further related vulnerabilities. Future work will likely focus on firmware integrity verification and enhanced hardware protections to prevent similar exploits.

Security Patch, 2 Pcs Reflective Security Hook and Loop Patch for Vest Printed Letters Embroidery Patches for Officer Guard Custom Uniforms Vest, Jacket, Carrier, Bag, Hat (Black, 1 Small and 1 Large)

【Package Content】The package contains two security patches for vest, one small (5.5 x 2.5 inches) and one large…

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Key Questions

What is the core risk of Fabricked?

It allows a malicious hypervisor to bypass AMD SEV-SNP protections by manipulating Infinity Fabric configurations, enabling unauthorized access to VM memory.

Does this affect all AMD processors?

The vulnerability has been confirmed on AMD Zen 5 EPYC processors, with indications it may impact Zen 3 and Zen 4 systems. Firmware updates are available for affected models.

Can this attack be performed remotely?

No. The attacker needs UEFI and hypervisor privileges to execute the Fabricked attack, meaning local or privileged access is required.

What should users do now?

Users should apply the latest firmware updates provided by AMD and follow best practices for firmware security to mitigate the risk.

Are there broader implications for confidential computing?

Yes. This exploit underscores the importance of firmware integrity and secure configuration in hardware-based confidentiality solutions, especially in untrusted cloud environments.