Nemesis11
Power Member
Downfall....
https://downfall.page/media/downfall.pdf
https://downfall.page/Downfall attacks targets a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. Similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer.
The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not be normally be accessible
https://downfall.page/media/downfall.pdf
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html?wapkw=gather data samplingGather Data Sampling (GDS) is a transient execution side channel vulnerability affecting certain Intel processors. In some situations when a gather instruction performs certain loads from memory, it may be possible for a malicious attacker to use this type of instruction to infer stale data from previously used vector registers1. These entries may correspond to registers previously used by the same thread, or by the sibling thread2 on the same processor core.
Intel DOWNFALL Ultra-Scary AVX2 and AVX-512 Side channel Attack Discovered
The new Downfall vulnerability is a big one. This impacts Intel’s desktop CPUs up to Alder Lake and Intel’s server CPUs up to Ice Lake, the generation that was still top-of-the-line on the first day of 2023. Found by Daniel Moghimi, now at Google, the vulnerability targets AVX2 and AVX-512 pipelines in what Intel is calling a Gather Data Sampling (GDS) attack.
Intel and Daniel have been working for some time on this before its disclosure today. Intel and its firmware and OS partners have been coordinating a microcode update that will mitigate the vulnerability. This is an important enough vulnerability that the default will be “ON” for the mitigation.
For STH readers, if you have AVX-512 or AVX2 heavy pipelines, then we would advise looking at the pre/post mitigation performance and doing a risk assessment based on the likelihood that an attack can occur in your environment.
Which CPUs are Impacted by Downfall?
Intel told us that the following CPU architectures are impacted:
- Skylake family (Skylake, Cascade Lake, Cooper Lake, Amber Lake, Kaby Lake, Coffee Lake, Whiskey Lake, Comet Lake)
- Tiger Lake family
- Ice Lake family (Ice Lake, Rocket Lake)
https://www.servethehome.com/intel-...2-and-avx-512-side-channel-attack-discovered/To the best of our knowledge, AMD CPUs are not impacted by this.