On October 14, 2025, chipmaker AMD released crucial fixes to address a significant security flaw dubbed RMPocalypse. This vulnerability directly impacts the confidential computing guarantees provided by AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) technology. The flaw was identified and reported by ETH Zürich researchers Benedict Schlüter and Shweta Shinde.

Understanding the RMPocalypse Attack Vector

The RMPocalypse attack exploits specific, incomplete protections within AMD’s SEV-SNP implementation. Researchers demonstrated that it is possible for an attacker to perform a single 8-byte memory write to the Reverse Map Paging (RMP) table. This table is a critical data structure central to system security, storing vital security metadata for all DRAM pages within the system. The targeted write operation, despite its small size, is sufficient to undermine the integrity of confidential computing environments secured by SEV-SNP.

The Critical Role of the Reverse Map Paging Table

According to AMD’s own specification documentation, the Reverse Map Paging (RMP) table resides in DRAM and serves a fundamental purpose: it maps system physical addresses (sPAs) to guest physical addresses (gPAs). The system features only one RMP table for the entire system, which is configured using x86 model-specific registers (MSRs). Furthermore, the RMP contains various security attributes for each page, with management delegated to the hypervisor through hardware-mediated controls. The ability to maliciously alter this single, vital data structure directly compromises the foundational security assumptions of SEV-SNP, allowing an attacker to bypass confidential computing protections.

AMD’s prompt release of fixes addresses the RMPocalypse vulnerability, reinforcing the security of their confidential computing solutions. The patches are essential for maintaining the integrity and confidentiality of virtualized environments relying on SEV-SNP technology.