Disrupting TEEs with Malicious Notifications

Ahoi Attacks is a family of attacks on Hardware-based Trusted Execution Environments (TEEs) to break AMD SEV-SNP and Intel TDX.

Heckler

Breaking Confidential VMs with Malicious Interrupts

WeSee

Using Malicious #VC Interrupts to Break AMD SEV-SNP

Defining
Ahoi Attacks
/əˈhɔɪ əˈtaks/
noun
a family of attacks that compromise TEEs using malicious notifications.

Why the name Ahoi?

Ahoy is a word used to call a ship or boat. It is often used today in playful imitations of pirate speak. We coin the term Ahoi (sounds like Ahoy) which is an anagram of 1 edit distance from Iago as an homage to classical works that studied interface attacks with TEEs.

Tell Me More

Ahoi Attacks: An Analogy

Ahoi Attacks: An Explainer