A Google researcher stumbled upon a new side-channel attack targeting Intel processors, and they’ve named it Downfall. The vulnerability at the center of this is tracked as CVE-2022-40982.
What’s the Deal with Downfall?
This attack, akin to other CPU exploits, could be used by a local troublemaker or malicious software to grab sensitive information like passwords and encryption keys from the users of the targeted device.
What’s striking is that it’s not limited to your laptop; it extends its reach to cloud environments.
Daniel Moghimi, the brain behind finding this vulnerability, breaks it down for us.
“The issue lies in memory optimization features in Intel processors that unintentionally spill internal hardware registers to software.”
This means that software that shouldn’t have access can now peek at data stored by other programs. Moghimi introduces us to Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques used.
Intel’s Response
Moghimi reported his findings to Intel a year ago, and he claims the Gather Data Sampling method is not just a theory – he’s got a proof-of-concept exploit that can nab encryption keys from OpenSSL.
Intel has responded, categorizing the situation as a ‘medium severity’ and is rolling out firmware updates and an optional software sequence to fix this vulnerability.
Who’s Affected? The Scope of Downfall
The impact of Downfall is quite broad. Intel Xeon and Core processors from the past decade are affected, and even the Intel SGX hardware security feature takes a hit, according to Moghimi.
Intel has shared its take on the situation, mentioning that while the researcher demonstrated the GDS issue in a controlled environment, pulling off such an attack outside these conditions is complex.
- They reassure users that recent processors like Alder Lake, Raptor Lake, and Sapphire Rapids are unaffected.
- Intel suggests checking out Windows and Linux operating systems switches and VMMs to disable the mitigation.
- If you’re in a public cloud setup, a word of advice is to check in with your provider about the feasibility of these switches.
Class Action Against Intel: Allegations on Downfall Vulnerability
Intel has faced a significant legal challenge as a class action lawsuit has been filed over its handling of security vulnerabilities, notably focusing on the recently revealed Downfall attack.
Represented by Bathaee Dunne, the plaintiffs contend that the Intel CPUs they purchased are “defective.”
They argue that these processors are either left vulnerable to cyberattacks or experience a substantial slowdown in performance due to the fixes implemented by Intel to address the vulnerabilities.
Monetary Relief Sought: Damages and Statutory Compensation
The plaintiffs are seeking monetary relief against Intel in response to these issues. The damages sought are either the actual damages to be determined at trial or statutory damages amounting to $10,000 for each plaintiff.
Customers argue that Intel knowingly sold flawed CPUs, raising concerns about both security and performance.
Sauver la Journée!
This isn’t the first time chip vulnerabilities have made headlines. Google researchers recently revealed Zenbleed, a vulnerability in AMD Zen 2 processors, and on the very day Downfall was disclosed.
Inception: an attack that exposes potentially sensitive data from AMD Zen processors has also been discovered.
Intel is one of the best technology providers in the world. The issue has made the company’s goodwill go down rapidly. It is challenging for hardware and software companies to stay sustainable and strategically aligned, as cyber threats are unstoppable.
Beware and try to save each of your days!
Marrium Akhtar
November 13, 2023
6 months ago
