Security Vulnerability: Power Consumption based side-channel attacks aka PLATYPUS (RAPL / CVE-2020-8694 / CVE-2020-8695)
This document (000019778) is provided subject to the disclaimer at the end of this document.
SUSE Linux Enterprise Server 12
Current Intel CPU's expose fine-grained power consumption meter values of various CPU components, which can be used as a information leak side channel to CPU operations with varying power consumption, including cryptographic operations.
Researchers have shown potential extraction of cryptographic key material in controlled settings when executing code on a non-loaded machine.
- CVE-2020-8694: The Linux kernel was exposing the power consumption counters to local users.
- CVE-2020-8695: The Intel CPU Microcode was updated to adjust the SGX enclaves power metering to be less fine-grained, avoiding the side channel leakage of information out of SGX enclaves.
As a workaround for the following vulnerability:
chmod og-rwx /sys/class/powercap/intel_rapl/*/energy_uj
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000019778
- Creation Date: 10-Nov-2020
- Modified Date:10-Nov-2020
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server for SAP Applications
For questions or concerns with the SUSE Knowledgebase please contact: firstname.lastname@example.org