Hertzbleed is a new vulnerability that is present on Intel and AMD CPUs. It allows extracting information from much like Spectre does, though it is more feasible to exploit over a network.
On the whole, after reading the paper, it is not as big of a problem like those vulnerabilities but it is important to understand if you are a sysadmin.
What it can do:
- Remotely break encryption keys from only SIKE, at this time,
- Remotely means only local, Ethernet networks, not over the internet (<1ms latency in the paper), [2]
- Only works on CPUs with very fine-grained clock boosting (Ryzen 2nd+ gen, Intel 9th+) [1]
- Can weaken kernel defenses against hacks (ASLR).