ASA-2019-00656 – Intel: Improper conditions check in voltage settings for some Intel Processors


Allele Security Alert

ASA-2019-00656

Identifier(s)

ASA-2019-00656, CVE-2019-11157

Title

Improper conditions check in voltage settings for some Intel Processors

Vendor(s)

Intel

Product(s)

Intel 6th, 7th, 8th, 9th & 10th Generation Core Processors

Intel Xeon Processor E3 v5 & v6
Intel Xeon Processor E-2100 & E-2200 Families

Affected version(s)

| Product Family | Segment | CPUID | Platform ID |
|---|---|---|---|
| 8th Generation Intel® Core™ Processor Family | Mobile | 806E9 | 10 |
| 8th Generation Intel® Core™ Processor Family | Mobile | 806EC | 10 |
| 8th Generation Intel® Core™ Processor Family | Mobile | 906EA | 22 |
| 8th Generation Intel® Core™ Processor Family | Desktop | 906EA | 22 |
| 8th Generation Intel® Core™ Processor Family | Mobile | 806EA | C0 |
| 8th Generation Intel® Core™ Processor Family | Desktop | 906EB | 2 |
| Intel® Celeron® Processor G Series | Desktop | 906EB | 2 |
| 8th Generation Intel® Core™ Processor Family | Desktop | 906EA | 22 |
| Intel® Xeon® Processor E Family | Server | 906EA | 22 |
| Intel® Xeon® Processor E Family | workstation | 906EA | 22 |
| Intel® Xeon® Processor E Family | AMT Server | 906EA | 22 |
| Intel® Xeon® Processor E Family | Server | 906EA | 22 |
| Intel® Xeon® Processor E Family | workstation | 906EA | 22 |
| Intel® Xeon® Processor E Family | AMT Server | 906EA | 22 |
| 9th Generation Intel® Core™ Processor Family | Desktop | 906ED | 22 |
| 9th Generation Intel® Core™ Processor Family | Desktop | 906ED | 22 |
| 10th Generation Intel® Core™ Processor Family | Mobile | 806EC | 94 |
| 10th Generation Intel® Core™ Processor Family | Mobile | A0660 | 80 |
| 8th Generation Intel® Core™ Processor Family | Mobile | 906E9 | 2A |
| 7th Generation Intel® Core™ Processor Family | Mobile | 906E9 | 2A |
| 8th Generation Intel® Core™ Processor Family | Mobile | 806EA | C0 |
| 7th Generation Intel® Core™ Processor Family | Desktop | 906E9 | 2A |
| 7th Generation Intel® Core™ Processor Family | Mobile | 806E9 | C0 |
| 7th Generation Intel® Core™ Processor Family | Mobile | 806E9 | C0 |
| Intel® Core™ X-series Processors | Desktop | 906E9 | 2A |
| Intel® Xeon® Processor E3 v6 Family | Mobile/server/Emb | 906E9 | 2A |
| 7th Generation Intel® Core™ Processor Family | Mobile | 806E9 | C0 |
| 6th Generation Intel® Core™ Processor Family | Mobile | 506E3 | 36 |
| 6th Generation Intel® Core™ Processor Family | Desktop | 506E3 | 36 |
| 6th Generation Intel® Core™ Processors | Mobile | 406E3 | C0 |
| 6th Generation Intel® Core™ Processor Family | Mobile | 406E3 | C0 |
| Intel® Xeon® Processor E3 v5 Family | Server/Embed | 506E3 | 36 |
| 6th Generation Intel® Core™ Processors | Mobile | 406E3 | C0 |
| 8th Generation Intel® Core™ Processors | Mobile | 806EB | D0 |
| 8th Generation Intel® Core™ Processors | Mobile | 806EC | 80 |

Fixed version(s)

Intel recommends that users of the affected Intel® Processors update to the latest BIOS version provided by the system manufacturer that addresses these issues.

Proof of concept

Yes

Description

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.

Technical details

Unknown

Credits

David Oswald, Flavio Garcia (University of Birmingham); Jo Van Bulck (KU Leuven); Daniel Gruss (TU Graz); Zijo Kenjar, Tommaso Frassetto, Ahmed-Reza Sadeghi (Technical University of Darmstadt); David Gens, Michael Franz (University of California, Irvine); Gang Qu (University of Maryland); Yongqiang Lyu, Dongsheng Wang (Tsinghua University); Pengfei Qiu; Researchers from University of Birmingham, KU Leuven and TU Graz; Researchers from University of Maryland and Tsinghua University.

Reference(s)

Intel® Processors Voltage Settings Modification Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html

Plundervolt
https://plundervolt.com/

Plundervolt: Software-based Fault Injection Attacks against Intel SGX
https://plundervolt.com/doc/plundervolt.pdf

Plundervolt
https://github.com/KitMurdock/plundervolt

CVE-2019-11157
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11157

CVE-2019-11157
https://nvd.nist.gov/vuln/detail/CVE-2019-11157

Last modified: February 14, 2020