Explain the Plundervolt attack.
CVE-2019-11157 exposes a vulnerability in the undervolting API of Intel processors, which became known as the Plundervolt attack.
What is the Plundervolt attack? Should domestic users be afraid of undervolting their CPUs because of it? Or does it require a sophisticated hacker to exploit it, which would make it only worrisome for governmental, server, and enterprise-level computers?
Plundervolt is a vulnerability in Intel CPUs. These CPUs allow users to use privileged software interfaces to undervolt their CPU. Undervolting is the process of supplying the CPU with less power than specified, usually in order to conserve power. In this case, undervolting is used to induce faults into calculations.
By doing so, attackers can, for example, cause SGX to write secret data to user memory.
Should the average home user worry about this? Is undervolting insecure?
No, for multiple reasons.
First of all, the flaw doesn't come from undervolting the CPU, but rather from the fact that Intel offers a software interface to undervolt. As a result, not undervolting doesn't stop an attacker from exploiting the vulnerability.
Secondly, the attacker requires administrative privileges on the machine. While this matters in the context of cloud computing applications, domestic users on their own machine usually don't need to worry - if an attacker has administrative privileges, they're f___ed either way.
Finally, Intel has released a security advisory and an accompanying microcode update to mitigate this issue.
Who should worry about this?
Anyone who relies on SGX to provide confidentiality and integrity, in scenarios in which potentially malicious actors have gained root privileges. In this case, it is possible that this attack has been used to extract secrets from SGX.