
Another round of speculative-execution vulnerabilities

source link: https://lwn.net/Articles/940783/

[Posted August 8, 2023 by corbet]

There is a newly disclosed set of vulnerabilities in Intel processors that have been given the name Downfall attacks.

Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. Similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer.

A series of patches has landed in the mainline kernel, including one for gather data sampling mitigation and one to disable the AVX extension on CPUs where microcode mitigation is not available. "This is a *big* hammer. It is known to break buggy userspace that uses incomplete, buggy AVX enumeration."

Not to be left out, AMD processors suffer from a return-stack overflow vulnerability, again exploitable via speculative execution; this patch, also just merged, describes the problem and its mitigation.
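To see which of these states a given Linux host is in, the sketch below reads the kernel's per-issue status files and separates a microcode-based mitigation from the AVX-disabled fallback and from an unmitigated CPU. It is an added example, not code from the article or the kernel patches; the sysfs file names come from the kernel's vulnerability-reporting interface rather than from this page, and the match patterns are assumptions about the wording of the status strings, which varies between kernel versions.

```shell
#!/bin/sh
# Classify one status string as reported under
# /sys/devices/system/cpu/vulnerabilities/.
classify_status() {
    # Lower-case first: capitalisation differs between kernel versions.
    s=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$s" in
        "not affected"*)   echo not_affected ;;
        # Must precede the generic "mitigation:" match: this is the
        # "big hammer" fallback used when no microcode fix is loaded.
        *"avx disabled"*)  echo mitigated_avx_disabled ;;
        "mitigation:"*)    echo mitigated ;;
        "vulnerable"*)     echo vulnerable ;;
        # e.g. a guest whose state depends on the hypervisor
        *)                 echo unknown ;;
    esac
}

# Print one line per issue. The directory argument exists so the function
# can be pointed at a copy of the files collected from another machine.
report_host() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    for f in gather_data_sampling spec_rstack_overflow; do
        if [ -r "$dir/$f" ]; then
            status=$(cat "$dir/$f")
            printf '%s: %s [%s]\n' "$f" "$(classify_status "$status")" "$status"
        else
            # No file: the running kernel predates reporting for this issue,
            # so its mitigation patches are not present either.
            printf '%s: no_kernel_support\n' "$f"
        fi
    done
}

report_host
```

A result of `vulnerable` or `no_kernel_support` means the host needs a kernel and/or microcode update; `mitigated_avx_disabled` means AVX-dependent userspace should be checked for breakage.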

