BadAML exploits host-supplied ACPI tables to get arbitrary code execution inside confidential VMs. We reproduced the attack end-to-end against our stack and built an AML sandbox to stop it. I did a writeup on the original paper that published the attack, our reproducer, and our journey to fix it.https://katexochen.aro.bz/posts/badaml/#ConfidentialComputing #Security #Linux
