Cov kws tshawb fawb los ntawm University of Birmingham, yav dhau los paub txog kev txhim kho Plundervolt thiab VoltPillager tawm tsam, tau txheeb xyuas qhov tsis zoo (CVE-2022-43309) hauv qee lub server motherboard uas tuaj yeem ua rau lub cev lov tes taw CPU yam tsis muaj peev xwm rov qab los tom ntej. Qhov tsis zoo, codenamed PMFault, tuaj yeem siv los ua kev puas tsuaj rau cov servers uas tus neeg tawm tsam tsis muaj lub cev nkag mus, tab sis muaj cai nkag mus rau lub operating system, tau txais, piv txwv li, vim yog siv qhov tsis muaj qhov tsis zoo lossis cuam tshuam cov ntaub ntawv pov thawj ntawm cov thawj coj.
Lub ntsiab lus ntawm txoj kev npaj yog siv PMBus interface, uas siv I2C raws tu qauv, kom nce qhov voltage nkag mus rau lub processor rau qhov tseem ceeb uas ua rau kev puas tsuaj rau cov nti. PMBus interface feem ntau yog siv hauv VRM (Voltage Regulator Module), uas tuaj yeem nkag mus tau los ntawm kev tswj hwm ntawm BMC maub los. Txhawm rau tua cov laug cam uas txhawb nqa PMBus, ntxiv rau cov cai tswj hwm hauv kev ua haujlwm, koj yuav tsum muaj kev nkag mus rau BMC (Baseboard Management Controller), piv txwv li, ntawm IPMI KCS (Keyboard Controller Style) interface, ntawm Ethernet, lossis ntawm flashing BMC los ntawm qhov system tam sim no.
Ib qho teeb meem uas tso cai rau kev tawm tsam yam tsis muaj kev paub txog qhov kev lees paub qhov tseeb hauv BMC tau lees paub hauv Supermicro motherboards nrog IPMI kev txhawb nqa (X11, X12, H11 thiab H12) thiab ASRock, tab sis lwm lub server boards uas PMBus tuaj yeem nkag tau kuj cuam tshuam. Hauv chav kawm ntawm kev sim, thaum qhov hluav taws xob tau nce mus rau 2.84 volts, ob lub Intel Xeon processors raug puas tsuaj ntawm cov laug cam. Txhawm rau nkag mus rau BMC yam tsis paub txog qhov kev lees paub qhov tseeb, tab sis nrog cov hauv paus nkag mus rau lub operating system, muaj qhov tsis zoo nyob rau hauv cov ntaub ntawv pov thawj firmware tau siv, uas ua rau nws muaj peev xwm rub tawm cov hloov kho firmware hloov tshiab rau BMC maub los, nrog rau qhov ua tau ntawm Tsis muaj kev lees paub nkag los ntawm IPMI KCS.
Txoj kev hloov hluav taws xob ntawm PMBus kuj tseem tuaj yeem siv los ua Plundervolt nres, uas tso cai, los ntawm kev txo qhov voltage kom tsawg kawg nkaus qhov tseem ceeb, ua rau muaj kev puas tsuaj rau cov ntsiab lus ntawm cov ntaub ntawv hlwb hauv CPU siv rau hauv kev suav hauv cais Intel SGX enclaves thiab tsim kom raug. hauv thawj qhov tseeb algorithms. Piv txwv li, yog tias koj hloov tus nqi siv nyob rau hauv kev sib faib thaum lub sij hawm encryption txheej txheem, cov zis yuav yog ib tug invalid ciphertext. Muaj peev xwm hu rau tus tuav ntaub ntawv hauv SGX los encrypt lawv cov ntaub ntawv, tus neeg tawm tsam tuaj yeem, los ntawm kev ua tsis tiav, sau cov txheeb cais txog kev hloov pauv hauv cov ntawv tso zis ciphertext thiab rov qab tau tus nqi ntawm tus yuam sij khaws cia hauv SGX enclave.
Cov cuab yeej siv rau kev tawm tsam Supermicro thiab ASRock boards, nrog rau kev siv hluav taws xob rau kev kuaj xyuas kev nkag mus rau PMBus, tau luam tawm ntawm GitHub.
Tau qhov twg los: opennet.ru