CVE-2022-40982: Downfall vulnerability affects Intel processors


Recently, Intel disclosed a security vulnerability named “Downfall,” discovered by third-party researcher Daniel Moghimi. It utilizes “Gather Data Sampling” to pilfer data and sensitive information from other users’ computers, affecting multiple Core processors, spanning from the 6th generation Skylake to the 11th generation Rocket Lake and Tiger Lake.

Intel has announced this flaw in security bulletin INTEL-SA-00828, tracked as CVE-2022-40982. Daniel Moghimi, a senior research scientist at Google, has published detailed information about the “Downfall” security vulnerability on downfall.page and has demonstrated how to steal 128-bit and 256-bit AES keys from other users, as well as how to monitor input characters and retrieve data from the Linux kernel.

Daniel Moghimi stated, “The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not normally be accessible. I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques.”

In Daniel Moghimi’s view, even users not utilizing Intel’s platform might be affected. After all, Intel’s dominant position in the server market signifies that every user connected to the Internet could potentially be threatened. With cloud services becoming more prevalent, it is entirely feasible to maliciously exploit the CVE-2022-40982 security vulnerability to steal other users’ data and credentials from shared computers.

Intel is currently issuing new microcode for the affected chips and recommends that users update to the latest version of firmware provided by the system manufacturer to resolve these issues.
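
To confirm that the microcode update actually took effect on a Linux host, the kernel's own Gather Data Sampling status can be read and classified. The script below is an added example, not part of the original article or Intel's bulletin; it assumes a Linux kernel that reports GDS status in sysfs, and the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original article): report whether the running
# Linux kernel considers the Downfall / GDS mitigation active.

# sysfs file where Linux kernels with GDS reporting publish the status.
GDS_SYSFS="/sys/devices/system/cpu/vulnerabilities/gather_data_sampling"

# Map the kernel's status string to a short verdict.
classify_gds() {
    case "$1" in
        "Not affected")              echo "not-affected" ;;
        "Mitigation: Microcode"*)    echo "mitigated" ;;           # also "(locked)"
        "Mitigation: AVX disabled"*) echo "mitigated-no-avx" ;;    # fallback, old microcode
        "Vulnerable: No microcode")  echo "needs-microcode" ;;     # firmware update pending
        "Vulnerable")                echo "mitigation-disabled" ;; # turned off at boot
        "Unknown:"*)                 echo "ask-hypervisor" ;;      # guest cannot tell
        *)                           echo "unrecognized" ;;
    esac
}

# Print "<verdict>: <raw status>" for the given status file (default: sysfs).
gds_report() {
    gds_path="${1:-$GDS_SYSFS}"
    if [ ! -r "$gds_path" ]; then
        # Older kernels have no GDS entry; absence is not proof of safety.
        echo "no-report: kernel does not expose GDS status"
        return 0
    fi
    gds_status="$(cat "$gds_path")"
    echo "$(classify_gds "$gds_status"): $gds_status"
}

gds_report
```

A `needs-microcode` verdict means the firmware or microcode package from the system manufacturer has not been applied yet; `no-report` means the kernel itself should be updated before the result can be trusted.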