Intel CPUの脆弱性に物理的に電圧レベルを変更でデータを盗まえる、「Plundervolt」攻撃、を発見


投稿者 :Justin Brunnette

カテゴリ: IT News





Intel CPUにまた脆弱性が発見されました。今回は非常に安全な場所からデータを盗むことができるセキュリティ攻撃が発見されました。 ヨーロッパの3つの大学の研究者が組んだチームが発見しまして、この攻撃はIntelのSGX内の電圧使用を制御するCPUの機能を利用してハッキングできます。
この新しい攻撃には「Plundervolt」という名前が付けられて、「Software Guard eXtensions」(SGX)と呼ばれるIntelのセキュリティ機能が攻撃目標です。 SGXはCPUの専用キャッシュ領域で、「エンクレーブ」と呼ばれる安全な場所でアプリケーションやプログラムがデータを実行できるところです。他のアプリケーションが同時にCPUで実行されている間でも、エンクレーブの中であれば機密データが公開されなくなります。
研究者チームは、過去に発見された別の2つの攻撃の「Rowhammer攻撃」と「CLKSCREW」のいくつかの属性を組み合わて、SGXを侵害する可能性を発見しました。 RowhammerはDRAM(ダイナミック・ランダム・アクセス・メモリ)のメモリセルの電荷を変更することができます。メモリセルの電荷を変更しますと、近くのメモリ行の保管してるビットが0から1値を反転することができます。CLKSCREWはCPUまたはSoCチップセットの「Dynamic Voltage and Frequency Scaling」(動的電圧および周波数スケーリング・またはDVFS)というネルギー管理システムを侵入してシステムのセキュリティを壊すことができます。
Plundervoltは現在ローカル環境でのみ攻撃可能になっております。つまり、リモート攻撃には管理者特権が必要となります。 研究者の報告では、これをリモートで行うことは難しいですが、不可能という事でも無いらしいです。 しかし、Plundervoltは、「メルトダウン」や「スペクター」などの他のIntel CPU攻撃よりもデータを露呈させるまでが、はるかに速いので、Plundervoltは危険とみられています。 たとえば、AESのキーの取得にはたった数分しかかかりません。
  • Intel 6th, 7th, 8th, 9th and 10th Generation Core
  • Xeon E3 V5 and E3 V6
  • Xeon E-2100 and E-2200

Another security attack has been discovered that can steal data from highly secure areas of Intel CPUs. Researchers from three universities in Europe have reported that this attack takes advantage of the CPU’s ability to control the voltage usage inside Intel’s SGX, which can create data leaks of sensitive information such as encryption data.
The new attack was given the name “Plundervolt”, and it targets Intel’s security feature called Software Guard eXtensions (SGX).  SGX is a dedicated region of cache in the CPU that allows applications and programs to run data in secure locations called “enclaves.” This keeps sensitive data from being exposed while other applications are simultaneously running on the CPU.
The researchers have discovered that SGX can be compromised by combining several aspects from the “Rowhammer attack” and the “CLKSCREW”, two previously discovered attacks. Rowhammer is able to change the electric charges in memory cells in DRAM (dynamic random-access memory) which will then cause contents in nearby memory rows to flip bit value such as 0 to 1. CLKSCREW took advantage of a CPU’s or SoC chipset’s DVFS (Dynamic Voltage and Frequency Scaling) energy management system to break a system’s security.
Similarly, Plundervolt uses the CPU’s energy management system to manipulate the voltage and frequency being used in the memory cells inside the SGX enclaves. This voltage change will alter bits in the data inside SGX, which is enough to cause errors in the SGX operations.
Operations such as encryption algorithms are performed inside SGX, and SGX is designed to encrypt when data is read from or written to memory, which do not protect it from these errors. This results in the encryption being compromised and easy to crack when the data leaves the SGX.
The attacker can then retrieve the encryption key from this data or even worse, they can introduce bugs into secure applications.
Plundervolt is only possible locally, meaning remote attacks must require administrative privileges. The researchers report that this would be difficult to do remotely but not necessarily impossible. But Plundervolt is considered dangerous because this method is much faster at exposing data than previous Intel CPU attacks such as Meltdown and Spectre; for example retrieving an AES key will only take a few minutes.
Intel has been notified of this and has issued a update to the BIOS to disable voltage and frequency control on the CPU. Intel’s advisory is detailed here:
As well as a CVE to be released as CVE-2019-11157.
Intel also advises that the following CPUs would be affected by this and should update their BIOS:
  • Intel 6th, 7th, 8th, 9th and 10th Generation Core
  • Xeon E3 V5 and E3 V6
  • Xeon E-2100 and E-2200
The research has been made available to download with the following link: