Skip to main content

Intel just patched this first of its kind vulnerability

Zero-day attack
(Image credit: Shutterstock.com)

Intel has announced fixes to almost a hundred security vulnerabilities as part of its monthly security disclosures; one of which uses a novel attack vector.

It is reported that one of the vulnerabilities can help launch an attack that could leak information through the Running Average Power Limit (RAPL) interface on mobile, embedded, desktop, and server processors. 

The exploit has been dubbed Platypus, since it bears resemblance to the electroreception of the semi-aquatic Australian animal.

Power play

According to Intel, Platypus is part of the forty new security advisories that are related to the Converged Security and Management Engine (CSME) as well as the Intel Wireless Bluetooth support. 

Security researchers have carried out power side-channel attacks earlier as well. However, unlike the earlier attacks that required an oscilloscope to monitor the energy consumption, Platypus attacks can be carried out remotely. 

The attack works by exploiting the Running Average Power Limit (RAPL) interface that is designed to help users monitor and control the energy flowing through CPUs and memory. 

The good news however is that these attacks don’t reveal much useful information and have only been exploited in research laboratories. Still, Intel has already released updated microcode and RAPL changes for Platypus. 

Some of these mitigations have already been rolled into the Linux kernel, which now restricts access to the RAPL interface only to apps with elevated privileges.

Interestingly, while the researchers only focussed on Intel processors, almost every chipmaker includes a RAPL interface with their products, and could potentially be vulnerable to Platypus-type attacks. 

Via: Phoronix