Vatsvagiri vepaYunivhesiti yeBirmingham, yaimbozivikanwa nekugadzira iyo Plundervolt uye VoltPillager kurwiswa, vaona kusazvibata (CVE-2022-43309) mune mamwe maseva mamaboards ayo anogona kudzima muviri CPU pasina mukana wekuzopora. Kusagadzikana, codenamed PMFault, inogona kushandiswa kukuvadza maseva ayo anorwisa asina kuwana kwemuviri, asi ane rombo rakanaka rekuwana iyo inoshanda sisitimu, yakawanikwa, semuenzaniso, semugumisiro wekushandisa kusagadzikana kusingaverengeki kana kubvuta zvitupa zvemutungamiriri.
Izvo zvakakosha zveiyo nzira yakatsanangurwa ndeye kushandisa iyo PMBus interface, iyo inoshandisa iyo I2C protocol, kuwedzera voltage inopihwa kune processor kune zvakakosha zvinokonzeresa kukuvadza kune chip. Iyo PMBus interface inowanzoitwa muVRM (Voltage Regulator Module), iyo inogona kuwanikwa kuburikidza nekunyengera kweBMC controller. Kuti urwise mabhodhi anotsigira PMBus, kuwedzera kune kodzero dzemaneja mune inoshanda sisitimu, iwe unofanirwa kuve nechirongwa chekuwana BMC (Baseboard Management Controller), semuenzaniso, kuburikidza neIPMI KCS (Keyboard Controller Style) interface, kuburikidza neEthernet, kana kuburikidza. kupenya iyo BMC kubva kune yazvino system.
Nyaya inobvumira kurwiswa pasina ruzivo rweBMC yekusimbisa ma paramita yakasimbiswa muSupermicro mamaboards ane IPMI rutsigiro (X11, X12, H11 uye H12) uye ASRock, asi mamwe maseva mabhodhi anogona kuwana PMBus anokanganiswawo. Mukati mekuedza, magetsi paakawedzera kusvika pa2.84 volts, maviri Intel Xeon processors akakuvadzwa pamabhodhi aya. Kuti uwane iyo BMC usingazive maparamendi echokwadi, asi nemidzi yekuwana kune iyo inoshanda sisitimu, njodzi mune firmware verification mechanism yakashandiswa, izvo zvakaita kuti zvikwanise kurodha yakagadziridzwa firmware update kune BMC controller, pamwe nekugona kupinda kusina kuvimbiswa kuburikidza neIPMI KCS.
Iyo nzira yekushandura magetsi kuburikidza nePMBus inogona zvakare kushandiswa kuita Plundervolt kurwisa, iyo inobvumira, nekudzikisa voltage kusvika kune hushoma kukosha, kukonzera kukuvadza kune zviri mukati me data maseru muCPU anoshandiswa mukuverenga mune yakasarudzika Intel SGX enclaves uye kugadzira zvikanganiso. mune yekutanga algorithms yakarurama. Semuenzaniso, kana ukashandura kukosha kunoshandiswa mukuwedzeredza panguva yekuvharidzira, zvinobuda zvichave zvisirizvo ciphertext. Nekukwanisa kufonera mubati muSGX kuti encrypt yavo data, anorwisa anogona, nekukonzera kutadza, kuunganidza nhamba nezve shanduko mune yakabuda ciphertext uye kudzoreredza kukosha kwekiyi yakachengetwa muSGX enclave.
A toolkit yekurwisa Supermicro uye ASRock mabhodhi, pamwe nekushandisa kwekutarisa kuwana kwePMBus, zvakaburitswa paGitHub.
Source: opennet.ru