The ‘Downfall’ Is The Severe CPU Flaw That Leaks Personal Data At A Massive Scale

Downfall

Computers are devices that have become inseparable from human lives.

And this is a big problem, because flaws in computer systems can be catastrophic. One example of this, was when the Meltdown and Spectre bugs were discovered.

These two vulnerabilities affect nearly everything with processor chips.

Discovered in most modern processors, the bug could make pretty much all computers, mobile devices, servers and others vulnerable to attacks.

This time, yet another severe bug is found.

The vulnerability that resides in some Intel processors is affection billions of chips.

Called the 'Downfall,' the bug was first discovered by a senior research scientist from Google, Daniel Moghami.

The vulnerability targets the Gather Instruction in Intel chips, which normally helps the CPU quickly access various data spread all over different parts of its memory. However, the flaw makes internal hardware registers to be exposed to software. If the software is compromised, it’s possible that hackers could seize sensitive data from the computer system.

Affecting CPUs from Intel's mainstream and server processor lineups, starting from Skylake all the way up to Rocket Lake, this translates to billions of affected devices.

In fact, according to the researcher who created a website just for it, "everyone on the internet is affected."

This is because Moghami said that people don’t even need to own an Intel processor to potentially be affected.

This happens because Intel is already dominating the server market, meaning that cloud computing environments might also be hit by this big, where “malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer," explained Moghami.

Downfall is a result of a new class of cyberattacks made possible by CVE-2022-40982, which enables attackers to access and steal sensitive data such as passwords, encryption keys, and private data from other users on the same personal or cloud computer.

"[CVE-2022-40982] is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not be normally be accessible," said Moghimi.

Stealing 128-bit and 256-bit AES keys from another user

Stealing arbitrary data from the Linux Kernel

Spying on printable characters

While pulling off an actual hack with Downfall is difficult, there’s a lot at stake.

This is why Intel fixed the bug.

The bad news is that, the fix severely decrease the performance of the affected chips.

Intel itself estimated a performance loss of up to 50%, with AVX instructions most affected.

The good news however, most users shouldn't see significant performance loss, because the issue happens to be affecting AI-related workloads and overall high-performance computing (HPC) tasks.

According to researchers, most people would only experience performance losses range from 6% up to 39%.

Intel then made a follow up update to say that it would be releasing new microcode for the chips that are affected.

The company recommended users to update their firmware to prevent being affected by Downfall.

Published: 
15/08/2023