A group of academics from different European universities have reported a new vulnerability for Intel processors, named Plundervolt. The report was made on June 7 2019, and Intel has already released firmware patches for this bug.
Intel SGX (Software Guard Extensions) uses enclaves, an isolated area, to protect sensitive computations. The protected computations cannot be read or edited from the outside of the enclave.
According to the researchers, by adjusting the frequency and the voltage of a processor “through privileged software interfaces”, it’s possible to undermine the system’s security, corrupting the integrity of Intel SGX on Intel CPUs.
By combining the Rowhammer and the CLKSCREW methodologies, two previously known attacks that tinker with the charge of memory cells and the CPU’s energy management system, Plundervolt was discovered. By adjusting the CPU’s frequencies and voltage, some bits within SGX are altered. This alteration causes errors that can be used at a later date to reconstruct the data that was within the enclave.
Plundervolt needs root/administrator access to be executed, making a remote attack rather difficult. Unlike other attacks, it’s not possible to use this exploit through virtual machines.
The processors affected by this vulnerability include Intel’s 6th, 7th, 8th, 9th, and 10th-Gen Core CPUs, as well as the Xeon E3, v5, v6, E-2100 and E-2200 series according to ZDNet.
Applying the firmware patches will lock the voltage and frequency to default values, turning software overclocking applications useless if the SGX is enabled. It’s not known if these firmware patches will have any impact on the systems’ performance.
If you want to know more about Plundervolt, click HERE.
KitGuru says: Will you download the firmware patches, knowing that you might lose your overclock profile?