Plundervolt – Intel SGX Vulnerability (CVE-2019-11157)

### Plundervolt - Intel SGX vulnerability (CVE-2019-11157)
#

Researchers have been able to corrupt the integrity of Intel SGX on Intel Core processors by controlling the voltage when executing enclave computations in order to undermine a systems security.

Crucial to performing a Plundervolt attack is the ability for an adversary to read/write Model Specific Registers (MSRs) which does require root or admin privileges. SGX is a set of security related instruction codes which should protect against root/administrative attackers - this undervolting attack allows this protection to be circumvented.

The researchers have tested common hypervisor and virtual machine software but found no way to perform these attacks as the guest OS is unable to access the undervolting interface.

The researchers have provided a full detailed paper and website with comprehensive information on Plundervolt: https://plundervolt.com/

Intel have provided a summary as well as a list of affected processors: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html

The recommendation from Intel is that users of the above Intel Processors update to the latest BIOS version provided by the system manufacturer that addresses these issues.

Whilst an interesting attack and some excellent research the likelihood of this having a significant impact in most HPC environments is limited; it is not a remote attack and does require root access to the system being attacked. Nevertheless, unlike Spectre and Meltdown there is no suggestion of any performance impact if patches are applied so, where possible, it is recommended that they are.

#
# https://plundervolt.com/
# https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html
# https://www.zdnet.com/article/new-plundervolt-attack-impacts-intel-cpus/
#
### 2019-12-11

 

Posted in Security Feed and tagged , , , , .