all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PMFault: Faulting and Bricking Server CPUs through Management Interfaces. (arXiv:2301.05538v1 [cs.CR])

Add to bookmarks
Jan. 16, 2023, 2:10 a.m. | Zitai Chen, David Oswald

cs.CR updates on arXiv.org arxiv.org

Apart from the actual CPU, modern server motherboards contain other auxiliary
components, for example voltage regulators for power management. Those are
connected to the CPU and the separate Baseboard Management Controller (BMC) via
the I2C-based PMBus.


In this paper, using the case study of the widely used Supermicro X11SSL
motherboard, we show how remotely exploitable software weaknesses in the BMC
(or other processors with PMBus access) can be used to access the PMBus and
then perform hardware-based fault injection attacks …

access baseboard management controller bmc bricking case cpu cpus management motherboard power processors regulators server software study supermicro

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Differentially private Bayesian tests 1 day, 2 hours ago | arxiv.org
arxiv confidential cornerstone cs.cr +16
On the Learnability of Watermarks for Language Models 1 day, 2 hours ago | arxiv.org
arxiv ask can cs.cl +12
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image … 1 day, 2 hours ago | arxiv.org
applications arxiv attack cs.cr +14
On the Reliability of Watermarks for Large Language Models 1 day, 2 hours ago | arxiv.org
arxiv bots cs.cl cs.cr +23
A Watermark for Large Language Models 1 day, 2 hours ago | arxiv.org
arxiv can cs.cl cs.cr +13
Asymmetric Distributed Trust 1 day, 2 hours ago | arxiv.org
abstraction algorithms arxiv can +12
Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips 1 day, 2 hours ago | arxiv.org
arxiv bandwidth chips cs.ar +5
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation 1 day, 2 hours ago | arxiv.org
access address area arxiv +17
A Case Study of Large Language Models (ChatGPT and CodeBERT) for Security-Oriented Code Analysis 1 day, 2 hours ago | arxiv.org
analysis arxiv can capabilities +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Engineer

@ Elsevier | Home based-Georgia
View on infosec-jobs.com

Infrastructure Compliance Engineer

@ NVIDIA | US, CA, Santa Clara
View on infosec-jobs.com

Information Systems Security Engineer (ISSE) / Cybersecurity SME

@ Green Cell Consulting | Twentynine Palms, CA, United States
View on infosec-jobs.com

Sales Security Analyst

@ Everbridge | Bengaluru
View on infosec-jobs.com

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Third Party Cyber Risk Analyst

@ Chubb | Philippines
View on infosec-jobs.com
View more jobs