Microarchitectural Security | PhD Candidate at CISPA | Ex Research Intern @Google | #StackWarp #CacheWarp

Joined August 2019
Pinned Tweet
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
Ruiyi Zhang retweeted
After an embargo of 256 days, I'm happy to reveal our newest work: we present TREVEX, a black-box CPU fuzzer that detects transient execution vulnerabilities in an automated manner. Running TREVEX on AMD, Intel, and Zhaoxin CPUs discovered multiple new CPU vulnerabilities!
Ruiyi Zhang retweeted
Private AI in Confidential VMs isn't as private as we thought. 🤯 We just showed how to reconstruct user LLM prompts word-for-word from inside an encrypted Intel TDX enclave—without breaking any cryptography. Introducing TDXRay (IEEE S&P 2026): tdxray.cpusec.org/ (1/4)
To clear up some confusion: the root cause lies in the stack engine, a CPU frontend optimization that manages the Stack Pointer (RSP) to reduce backend overhead. We discovered that an undocumented MSR bit acts as a toggle for this optimization. (1/2)
If an SMT sibling disables it, the RSP delta becomes 'frozen' and is only released to a future execution context when the bit is toggled again. While the underlying bug exists across Zen 1-5, it only poses a security risk in specific scenarios, like within confidential computing.
For more details on the discovery process and our findings, we refer to our research paper, which is published at USENIX Security 2026. paper: stackwarpattack.com/ github: github.com/cispa/StackWarp \cc Tristan Hornetz, @weber_daniel, @fth0mas, @misc0110

Ruiyi Zhang retweeted
The program for uASC'26 is online uasc.cc/program.html We have some very interesting papers which are already available, so be sure to check them out. Better yet, join us in Leuven next month to listen to the authors! Registration is still open and free but seats are limited.

Ruiyi Zhang retweeted
🔓 Heracles @acm_ccs'25: Breaking AMD’s Confidential Computing! We show that the hypervisor can read and move hardware-encrypted memory on AMD SEV-SNP. We build a chosen-plaintext oracle to leak kernel memory, auth keys, and cookies from "confidential" VMs heracles-attack.github.io/
Ruiyi Zhang retweeted
20 May 2025
I am chairing the second edition of the microarchitecture security conference (uASC'26). Paper deadline for the first cycle is July 15. Please spread the word, submit, and/or join us in charming Leuven in February 2026! More info: uasc.cc

Ruiyi Zhang retweeted
13 May 2025
long embargo, but there is a demo with good music at least: youtu.be/jrsOvaN7PaA

13 May 2025
Disclosing Branch Predictor Race Conditions (BPRC), a new class of vulnerabilities where asynchronous branch predictor operations violate hardware-enforced privilege and context separation in virtually all recent Intel CPUs. @wiknerj @kavehrazavi : comsec.ethz.ch/bprc
Ruiyi Zhang retweeted
✅ Write constant-time crypto code ☠️ Compiler introduces timing side-channels Do Compilers Break Constant-time Guarantees? fc25.ifca.ai/preproceedings/… TL;DR: Yes!🥲 👏👏👏Great work @misc0110 & team!
Ruiyi Zhang retweeted
Super excited to present our (L. Niemann, @____salmon____, @jan__reineke, @misc0110) newest paper at #ACSAC2024! We show how modern CPU hardware can be leveraged to stop side-channel attacks almost instantly (~200 CPU cycles)! Code/Paper: github.com/cispa/IRQGuard
Ruiyi Zhang retweeted
Excited to announce the release of the Rapid Data Analysis (RDA) framework! RDA streamlines side-channel analysis with plotting, processing, and analysis tools—usable directly from the terminal or in scripts. Check it out: github.com/0xhilbert/rda #SideChannel
Ruiyi Zhang retweeted
🤔 Want to know how we developed a hardware fuzzer that found the GhostWrite vulnerability? 🔓 This critical hardware flaw bypasses all security isolations on affected CPUs, raising serious concerns for security. 👉 hardwear.io/netherlands-2024… #rowhammer #hardware #hw_ioNL2024
25 Aug 2024
Congratulations Andi! It's been awesome working with you. Good luck with everything ahead!
I defended my PhD with distinction at @tugraz last Friday! 🎉 Thank you to all the friends and folks who made this journey unforgettable. Special shoutout to @lavados, who went above and beyond by designing a game based on a "beer"-idea: Werewolves in the context of academia 🐺🎓
23 Aug 2024
First week as a Research Intern at @Google! Excited to dive into cutting-edge research and solve real-world problems.
Ruiyi Zhang retweeted
Want to learn how to get root on the T-Head C910 #RISCV CPU within seconds? Visit our website ghostwriteattack.com covering the #GhostWrite vulnerability. #BlackHat #BHUSA