Intel 'Downfall' bug exposes keys, passwords and other confidential data

Intel is taking action by providing firmware updates along with an optional software sequence to address the potential risk posed by this vulnerability.


Tracked as CVE-2022-40982, the Downfall bug is a transient execution side-channel issue affecting Intel processors from the sixth-generation Skylake series through the 11th-generation Tiger Lake chips.


The discovery of CVE-2022-40982 has been credited to Daniel Moghimi, a senior research scientist at Google.


Moghimi elaborated on his discoveries during a session at Black Hat USA 2023 held on a Wednesday. He has also provided an extensive explanation of the vulnerability on a dedicated website and in a corresponding technical paper.


As per Moghimi's assessment, a potential attacker who capitalises on this issue can retrieve sensitive data safeguarded by Software Guard eXtensions (SGX).


SGX is Intel's hardware-based memory encryption technology that segregates in-memory code and data from the software running on the system.


Moghimi's Downfall attack methods capitalise on the "gather" instruction that "leaks the content of the internal vector register file during speculative execution."


"Gather" is a memory optimisation feature in Intel processors, designed to accelerate the retrieval of scattered data from memory.


"The gather instruction appears to use a temporal buffer shared across sibling CPU threads, and it transiently forwards data to later dependent instructions, and the data belongs to a different process and gather execution running on the same core," Moghimi explained in his technical paper.


Moghimi's proof-of-concept effectively demonstrates how Downfall can be used ..
