We do often include affiliate links to earn us some pennies. See more here.

Uh oh! Another rather serious security flaw has been found in Intel CPUs named Downfall, so here's a bit of info on it. Additionally, AMD are also dealing with INCEPTION.

First up, the details on the Intel side.

Discovered by Google researcher Daniel Moghimi who put up a dedicated website for it, the issue affects Intel generations from Skylake to 11th gen Tiger Lake and allows attackers to target things like passwords and encryption keys which can then lead onto all sorts of problems. It's listed under CVE-2022-40982 and Intel has confirmed it and they're calling it 'Gather Data Sampling (GDS)' but Downfall sounds cooler.

As Moghimi explained in the brief:

This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. Similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer.

The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not be normally be accessible. I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques.

You can read the full paper on it here and a full list of affected processors here.

Intel said there may be a performance impact of "up to 50%" with mitigations, although they also claim the impact to "most workloads is minimal".

The other side of this is AMD with INCEPTION discovered by Daniël Trujillo, Johannes Wikner, and Kaveh Razavi of ETH Zurich noted as CVE-2023-20569. The summary for this from AMD:

AMD has received an external report titled ‘INCEPTION’, describing a new speculative side channel attack. The attack can result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. This attack is similar to previous branch prediction-based attacks like Spectrev2 and Branch Type Confusion (BTC)/RetBleed. As with similar attacks, speculation is constrained within the current address space and to exploit, an attacker must have knowledge of the address space and control of sufficient registers at the time of RET (return from procedure) speculation. Hence, AMD believes this vulnerability is only potentially exploitable locally, such as via downloaded malware, and recommends customers employ security best practices, including running up-to-date software and malware detection tools.

What AMD processors are affected? Looks like most Zen generation processors.

AMD did say they're not aware of any exploit using it outside of the research environment at this time.

So you'll want to keep an eye on any system updates coming through regardless of being on AMD or Intel, to ensure you're up to date and fully protected. Better to be safe than sorry eh? You should also keep an eye out for any needed BIOS updates as they come in.

Article taken from GamingOnLinux.com.
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. Find me on Mastodon.
See more from me

Linux_Rocks Aug 9, 2023
CyborgZeta Aug 10, 2023
Interesting. I just recently replaced the i5-10400 in my PC with an i5-12400, so this is no longer an issue for me, I guess.

One of my laptops does have an i5-1135G7 in it though. I don't use it very often, however.
omer666 Aug 10, 2023
So many great security issues mascots, maybe we could add them to Tux Kart?!
razing32 Aug 10, 2023
I am wondering if sandboxing can help against the AMD one ?
PublicNuisance Aug 12, 2023
I really need to get my act together and just buy a Talos II. Sure it could have issues as well but at least it's more open so I don't have to rely on closed source microcode updates to fix stuff.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register

Or login with...
Sign in with Steam Sign in with Google
Social logins require cookies to stay logged in.