Plundervolt: Intel CPUs Hacked... Again - SGX
grarpamp
grarpamp at gmail.com
Tue Dec 10 17:17:30 PST 2019
https://plundervolt.com/
https://github.com/KitMurdock/plundervolt
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html
Academics from three universities across Europe have disclosed today a
new attack that impacts the integrity of data stored inside Intel SGX,
a highly-secured area of Intel CPUs. The attack, which researchers
have named Plundervolt, exploits the interface through which an
operating system can control an Intel processor's voltage and
frequency -- the same interface that allows gamers to overclock their
CPUs. Academics say they discovered that by tinkering with the amount
of voltage and frequency a CPU receives, they can alter bits inside
SGX to cause errors that can be exploited at a later point after the
data has left the security of the SGX enclave. They say Plundervolt
can be used to recover encryption keys or introduce bugs in previously
secure software. Intel desktop, server, and mobile CPUs are impacted.
A full list of vulnerable CPUs is available here. Intel has also
released microcode (CPU firmware) and BIOS updates today that address
the Plundervolt attack [by allowing users to disable the energy
management interface at the source of the attack, if not needed].
Proof-of-concept code for reproducing attacks will be released on
GitHub.
More information about the cypherpunks
mailing list