A latest security flaw, ‘Collide+Power’ might affect almost every CPU

A new security flaw named “Collide+Power” has been discovered by researchers from Graz University of Technology in Australia in collaboration with the Helmholtz Center. This latest flaw can affect all CPUs and threaten actors by allowing them to observe CPU power consumption, which will reveal sensitive information.

The vulnerability, CVE-2023-20583, involves analyzing power consumption trends while processing both known data from the attacker and unknown data from the victim. As a result, a threat actor can derive the contents of the victim’s CPU cache memory by evaluating the power utilization and disclosing encryption keys and short identifiers.

Furthermore, the ‘Collide+Power’ security issue is available in two flavors: MDS-Power and Meltdown-Power. MDS-Power, if hyperthreading is enabled, can steal data from another security domain co-located on a sibling hardware thread at a rate of 4.82 bits per hour. However, extracting a 4,096-bit RSA key from a cloud vendor would take a month at this rate.

Other than that, Meltdown is pretty harmless, as it leaks data at a rate of 0.136 bits per hour. And observing it on scales of real-world reality, the act becomes even more sluggish in terms of memory prefetching, as it requires a period of 2.86 to extract a single bit from the kernel if fully deployed.

“However, this low-security risk may change dramatically if new architectural or microarchitectural methods of prefetching victim data in co-location with attacker-controlled data are discovered,” the researchers wrote.

Resolving the vulnerability

Although the security flaw may not appear to be feasible for ordinary hackers, it has piqued the curiosity of firms such as AMD, which has previously confirmed that its EPYC server CPUs contain a performance determinism option that can limit the danger of data leakage. Similarly, Intel emphasized the efficacy of current features and guidelines for combating power side-channel attacks exhibited in response to past threats such as PLATYPUS and Hertzbleed.

Leave a Reply