A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys by observing variations in CPU frequency enabled by dynamic voltage and frequency scaling (DVFS).
This is possible because, on modern Intel (CVE-2022–24436) and AMD (CVE-2022–23823) x86 processors, the dynamic frequency scaling depends on the power consumption and the data being processed.
DVFS is a power management throttling feature used by modern CPUs to ensure that the system doesn’t go over thermal and power limits during high loads, as well as to reduce overall power consumption during low CPU loads.
Comments are closed.