Intel Discloses 40 More Security Advisories - PLATYPUS Is An Interesting One
As part of Intel's monthly security disclosures the company is today releasing forty new security advisories today.
With these 40 security advisories for November 2020 they are addressing 95 vulnerabilities. There are security advisories relating to the Converged Security and Management Engine (CSME) as well as the Intel Wireless Bluetooth support -- including a "critical" vulnerability that could lead to escalation of privileges via the LAN.
Also being disclosed today is "PLATYPUS" stemming from information leakage with the Intel Running Average Power Limit (RAPL) interface.
PLATYPUS could lead to local information disclosure through this power interface on mobile / embedded / desktop / server processors. Intel is releasing updated microcode and RAPL changes for PLATYPUS, some of which work just hit the Linux kernel. This also includes now restricting energy meter access. Previously users could read the exposed CPU energy information but now that is being clocked on the basis of forming a security attack. A real pity as the interface is quite convenient and non-root and useful during our testing purposes for monitoring CPU energy use, etc.
PLATYPUS can be exploited to break Intel SGX Enclaves, thwart Kernel Address Space Layout Randomization (KASLR), attacking AES, etc.
More details on this attack at platypusattack.com. Details on the other advisories at Intel.com.