New Hertzbleed Side-Channel Attack Affects All Modern AMD and Intel CPUs


A newly discovered security vulnerability in modern Intel and AMD processors could allow remote attackers to steal encryption keys through a power side channel attack.

dubbed Hertzbleed by a group of researchers from the University of Texas, University of Illinois Urbana-Champaign and the University of Washington, the problem is rooted in dynamic voltage and frequency scaling (DVFS), a power and heat management feature used to conserve power and reduce the amount of heat generated by a chip.

“The reason is that, under certain circumstances, periodic CPU frequency adjustments depend on current CPU power consumption, and these adjustments translate directly into execution time differences (as 1 hertz = 1 cycle per second),” the researchers said.

This can have significant security implications for cryptographic libraries, even when implemented correctly as constant time code to prevent timing-based side channels, allowing an attacker to effectively use the variations in execution time to extract sensitive information such as cryptographic keys.

Both AMD (CVE-2022-23823) and Intel (CVE-2022-24436) have released independent advice in response to the findings, with the latter noting that all Intel processors are affected by Hertzbleed. No patches have been made available.

Because the vulnerability affects a cryptographic algorithm with power analysis-based side-channel leaks, developers can take countermeasures on the algorithm’s software code. Masking, concealment, or key rotation can be used to mitigate the attack, AMD said.

While there are no patches available to address the weakness, Intel has: recommended cryptographic developers follow his guidance to protect their libraries and applications from frequency throttling of information disclosure.

This isn’t the first time new methods have been discovered to transfer data from Intel processors. In March 2021, two Hertzbleed co-authors demonstrated an “on-chip, cross-core” side channel attack targeting the ring interconnect used in Intel Coffee Lake and Skylake processors.

“The advantage is that current cryptographic engineering practices for writing constant-time code are no longer sufficient to ensure constant-time execution of software on modern, variable-frequency processors,” the researchers concluded.