A side-channel vulnerability has been discovered recently, dubbed Hertzbleed, by cybersecurity researchers from the University of Texas at Austin, the University of Illinois Urbana-Champaign, and the University of Washington in current Intel and AMD processors that can be exploited remotely by threat actors to hack encrypted data and cryptographic keys by remote attackers.
In this attack, the root cause persists in DVFS (dynamic voltage and frequency scaling). In simple terms, it’s a functionality that is mainly engaged for the purpose of preserving power and receding the amount of thermal heat induced by the CPU.
On successful exploitation of this vulnerability, DVFS is the key thing that allows a hacker to observe changes in CPU frequency and steal full cryptographic keys.
Vulnerabilities in Modern CPUs
It is possible for a hacker to perpetrate this attack due to the fact that modern Intel and AMD CPUs contain the following vulnerabilities:-
- Intel (CVE-2022-24436)
- AMD (CVE-2022-23823)
Here’s what the experts stated:-
“If an attacker is able to execute these attacks against remote servers that were initially believed to be secure, they can potentially extract cryptographic keys that have previously been hard to copy. The threat of Hertzbleed to the security of cryptographic software is a serious and highly practical one.”
“It is important to note that in the first place, Hertzbleed shows that power side-channel attacks on modern x86 CPUs may be turned into timing attacks. Secondly, Hertzbleed shows that the cryptographic code can still leak via remote timing analysis, even when they were implemented correctly.”
No patch release plan for Intel and AMD
Intel has confirmed that this vulnerability involves all its processors and that it could be exploited remotely. As a result, it may become possible for low-privilege threat actors not to interact with users in high-complexity attacks which do not involve user interaction.
Apart from Intel, AMD has also revealed that there are several of its products have been affected by Hertzbleed, including the following:-
- Zen 2 and Zen 3 based Server CPUs
While the team of cybersecurity analysts has reported:-
The new family of side-channel attacks called frequency side channels is not going to be addressed by microcode patches from Intel or AMD.
Here’s what the Intel’s Senior Director of Security Communications and Incident Response Jerry Bryant stated:-
“While this issue is interesting from a research perspective, we do not believe this attack to be practical outside of a lab environment.”
While AMD claims that developers can apply countermeasures on the software code of the algorithm to address the vulnerability since it impacts a cryptographic algorithm with power analysis-based leaks caused by side channels.
Several mitigation techniques may be used to mitigate the attack, including masking, hiding, or key rotating.
According to the experts, there is a substantial impact on system-wide performance when it comes to this particular situation.
The most common workaround for preventing Hertzbleed is to disable frequency boost in most cases, and it is a workaround that is not workload-dependent.
- Intel calls this feature: Turbo Boost
- AMD calls this feature: Turbo Core or Precision Boost
The issue with this mitigation strategy is that its impact on performance will be significant and not a recommended mitigation strategy.