Publication Date: 2023/08/01 10:00AM PDT
AWS is aware of recently-published security research describing software-based power side-channel concerns, otherwise known as ”Collide+Power“. AWS customers’ data and instances are not impacted by this issue, and no customer action is required. AWS has designed and implemented its infrastructure with protections against these types of concerns. Amazon EC2 instances, including Lambda, Fargate, and other AWS-managed compute and container services, do not expose power measurement mechanisms, such as Running Average Power Limit (RAPL) or similar interfaces, within the virtualized environment.
We would like to thank the Graz University of Technology and CISPA Helmholtz Center for Information Security for responsibly disclosing this issue and working with us on its resolution.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.