Chaos Communication Congress, Season 36, Episode 22

Plundervolt: Flipping Bits from Software without Rowhammer

We present the next step after Rowhammer, a new software-based fault attack primitive: Plundervolt (CVE-2019-11157). Many processors (including the widespread Intel Core series) expose privileged software interfaces to dynamically regulate processor frequency and operating voltage. We show that these privileged interfaces can be reliably exploited to undermine the system's security. In multiple case studies, we show how the induced faults in enclave computations can be leveraged in real-world attacks to recover keys from cryptographic algorithms (including the AES-NI instruction set extension) or to induce memory safety vulnerabilities into bug-free enclave code.

English
  • Originally Aired December 27, 2019
  • Runtime 60 minutes
  • Production Code 10883
  • Created December 27, 2019 by Administrator admin
  • Modified December 27, 2019 by Administrator admin
Name Type Role
Daniel Gruss Creator