Bug 1828583 (CVE-2020-8695) - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface
Summary: CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-8695
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1844292 1844293 1893256 1893257 1893258 1893259 1893260 1893261 1893262 1893263 1893264 1893265 1893266
Blocks: 1828584
TreeView+ depends on / blocked
 
Reported: 2020-04-27 20:41 UTC by Pedro Sampaio
Modified: 2021-08-31 09:21 UTC (History)
29 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
Clone Of:
Environment:
Last Closed: 2020-11-11 14:21:18 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:5083 0 None None None 2020-11-11 10:13:37 UTC
Red Hat Product Errata RHSA-2020:5085 0 None None None 2020-11-11 09:46:44 UTC
Red Hat Product Errata RHSA-2020:5181 0 None None None 2020-11-23 17:55:22 UTC
Red Hat Product Errata RHSA-2020:5182 0 None None None 2020-11-23 17:45:39 UTC
Red Hat Product Errata RHSA-2020:5183 0 None None None 2020-11-23 17:44:18 UTC
Red Hat Product Errata RHSA-2020:5185 0 None None None 2020-11-23 17:57:27 UTC
Red Hat Product Errata RHSA-2020:5186 0 None None None 2020-11-23 17:47:01 UTC
Red Hat Product Errata RHSA-2020:5188 0 None None None 2020-11-23 18:56:40 UTC
Red Hat Product Errata RHSA-2020:5190 0 None None None 2020-11-23 19:21:22 UTC
Red Hat Product Errata RHSA-2020:5369 0 None None None 2020-12-08 10:34:22 UTC
Red Hat Product Errata RHSA-2021:3027 0 None None None 2021-08-09 09:51:32 UTC
Red Hat Product Errata RHSA-2021:3028 0 None None None 2021-08-09 10:09:35 UTC
Red Hat Product Errata RHSA-2021:3029 0 None None None 2021-08-10 13:40:17 UTC
Red Hat Product Errata RHSA-2021:3176 0 None None None 2021-08-17 08:30:14 UTC
Red Hat Product Errata RHSA-2021:3255 0 None None None 2021-08-24 09:54:41 UTC
Red Hat Product Errata RHSA-2021:3317 0 None None None 2021-08-31 08:24:17 UTC
Red Hat Product Errata RHSA-2021:3322 0 None None None 2021-08-31 08:04:16 UTC
Red Hat Product Errata RHSA-2021:3323 0 None None None 2021-08-31 07:56:58 UTC
Red Hat Product Errata RHSA-2021:3364 0 None None None 2021-08-31 09:21:42 UTC

Comment 1 Wade Mealing 2020-05-21 04:45:40 UTC
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit).  An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.

This creates a 'power analysis' side channel, where the attacker can use the RAPL values exported to the operating system as a method to analyse the side channel without physical access.

Comment 9 Petr Matousek 2020-06-05 12:18:40 UTC
Acknowledgments:

Name: Intel

Comment 14 errata-xmlrpc 2020-11-11 09:46:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:5085 https://access.redhat.com/errata/RHSA-2020:5085

Comment 15 errata-xmlrpc 2020-11-11 10:13:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:5083 https://access.redhat.com/errata/RHSA-2020:5083

Comment 16 Product Security DevOps Team 2020-11-11 14:21:18 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-8695

Comment 17 Doran Moppert 2020-11-12 11:37:42 UTC
Mitigation:

Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace.  

The command:
~~~
sudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj
~~~
Will do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.

Comment 27 errata-xmlrpc 2020-11-23 17:44:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support
  Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.3 Telco Extended Update Support

Via RHSA-2020:5183 https://access.redhat.com/errata/RHSA-2020:5183

Comment 28 errata-xmlrpc 2020-11-23 17:45:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2020:5182 https://access.redhat.com/errata/RHSA-2020:5182

Comment 29 errata-xmlrpc 2020-11-23 17:46:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:5186 https://access.redhat.com/errata/RHSA-2020:5186

Comment 30 errata-xmlrpc 2020-11-23 17:55:21 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Extended Update Support

Via RHSA-2020:5181 https://access.redhat.com/errata/RHSA-2020:5181

Comment 31 errata-xmlrpc 2020-11-23 17:57:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2020:5185 https://access.redhat.com/errata/RHSA-2020:5185

Comment 32 errata-xmlrpc 2020-11-23 18:56:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2020:5188 https://access.redhat.com/errata/RHSA-2020:5188

Comment 33 errata-xmlrpc 2020-11-23 19:21:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Extended Update Support

Via RHSA-2020:5190 https://access.redhat.com/errata/RHSA-2020:5190

Comment 40 errata-xmlrpc 2020-12-08 10:34:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:5369 https://access.redhat.com/errata/RHSA-2020:5369

Comment 41 errata-xmlrpc 2021-08-09 09:51:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3027 https://access.redhat.com/errata/RHSA-2021:3027

Comment 42 errata-xmlrpc 2021-08-09 10:09:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3028 https://access.redhat.com/errata/RHSA-2021:3028

Comment 44 errata-xmlrpc 2021-08-10 13:40:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Extended Update Support

Via RHSA-2021:3029 https://access.redhat.com/errata/RHSA-2021:3029

Comment 45 errata-xmlrpc 2021-08-17 08:30:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3176 https://access.redhat.com/errata/RHSA-2021:3176

Comment 46 errata-xmlrpc 2021-08-24 09:54:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2021:3255 https://access.redhat.com/errata/RHSA-2021:3255

Comment 47 errata-xmlrpc 2021-08-31 07:56:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2021:3323 https://access.redhat.com/errata/RHSA-2021:3323

Comment 48 errata-xmlrpc 2021-08-31 08:04:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2021:3322 https://access.redhat.com/errata/RHSA-2021:3322

Comment 49 errata-xmlrpc 2021-08-31 08:24:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2021:3317 https://access.redhat.com/errata/RHSA-2021:3317

Comment 50 errata-xmlrpc 2021-08-31 09:21:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3364 https://access.redhat.com/errata/RHSA-2021:3364


Note You need to log in before you can comment on or make changes to this bug.