Reproducing and mitigating BadAML
Summary
This article explains BadAML, an attack that abuses host-supplied ACPI tables to run arbitrary ACPI Machine Language (AML) code inside confidential VMs, bypassing their memory isolation. It reproduces the attack within Contrast, describes a practical AML sandbox mitigation that confines AML to shared memory, and covers other mitigation strategies and considerations.