A new side-channel attack by Hertzbleed allows the theft of cryptographic keys by observing changes in the CPU frequency through DVFS (dynamic voltage and frequency scaling, “dynamic frequency and voltage scaling”).The attack is possible due to the fact that on modern x86 Intel (CVE-2022-24436) and AMD (CVE-2022-23823) processors, dynamic frequency scaling depends on power consumption and processed data. For example, DVFS is a power throttling feature that is used in modern processors to ensure that the system does not exceed the temperature and power limits at high loads, and also to reduce power consumption at low loads.
The Hertzbleed problem was discovered by experts from the University of Texas at Austin, the University of Illinois at Urbana-Champaign and the University of Washington. They say that “Hertzbleed is a real and practical threat to the security of cryptographic software.”
Intel representatives said that this problem affects all of its processors and can be used in advanced attacks remotely. Such attacks do not require user interaction and can be carried out by low privilege attackers.
You might also be interested in what SmashEx attack compromises Intel SGX enclaves.
AMD representatives write that Hertzbleed affects a number of company products, including desktop and mobile products, Chromebooks and server processors using the Zen 2 and Zen 3 microarchitecture.
Let me remind you that we also wrote that Windows 11 update fixes performance issue for AMD processors.
It is reported that processors from other manufacturers (for example, ARM), which also use DVFS, may also be vulnerable to Hertzbleed, although the researchers have not yet tested their PoC exploit on them.
At the same time, the research team says that Intel and AMD do not plan to release patches at all to solve the new side-channel problem. Both vendors just published recommendations (here, for example, recommendations from Intel), which explained how developers can protect their software from such attacks and data disclosure.
However, processor manufacturers doubt the possibility of using the Hertzbleed attack in real conditions.
User Review( votes)