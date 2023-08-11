The Downfall vulnerability has recently been reported to compromise several Intel CPUs, posing serious security backdoor implications. The vulnerability specifically affects workloads utilizing AVX2/AVX-512 gather instructions, with older-generation Tiger Lake/Ice Lake lineups being particularly impacted. This hardware vulnerability exposes hardware registry contents, potentially leading to large-scale data thefts.

To mitigate the issue, Intel released microcode updates, but these come with performance impacts. The effects of the mitigation were initially unknown, but benchmarks conducted by Phoronix provide insights into the extent of the vulnerability’s impact on CPUs.

The tested CPUs include Intel’s Xeon Platinum 8380, Xeon Gold 6226R, and the Core i7-1165G7. All three processors were found to be vulnerable. If you want to check if your CPU is impacted, Intel has provided a complete list for reference.

The benchmarks show that the Xeon Platinum 8380 experienced a performance decline in various scenarios. In OpenVKL, there was a 6% drop, while in OSPRay 1.2, it reached 34%. AI workloads saw significant drops as well, with Neural Magic DeepSparse 1.5 showing expected reductions.

The Intel Xeon Gold 6226R CPUs also experienced performance hits, with a 9% reduction in OpenVKL and a more substantial 33% drop in OSPRay 1.2. Similar results were observed across all benchmark tests, confirming the vulnerability’s impact on multiple Intel processors.

Even the consumer-focused Intel Core i7-1165G7 CPU faced performance penalties due to the mitigation. The performance impacts ranged from 19-39% in OSPRay 2.12 and an almost 11% reduction in OpenVKL 1.3.1.

Fortunately, the performance decline was not as severe as initially predicted by Intel, with results falling short of the expected 50% drop. However, significant declines were still observed in the benchmarks, particularly for HPC workloads.

For average consumers engaged in gaming and entertainment, the “Downfall” vulnerability may not be a major concern. Intel has advised users to disable the CPU microcode to avoid performance penalties, but this poses a greater risk of data leakage, which is not advisable for corporations where security is crucial.

In conclusion, the Downfall vulnerability compromises multiple Intel processors and requires a performance tradeoff to mitigate. While the performance impacts are not as extreme as initially anticipated, it is essential to address the decline and consider the implications for specific workloads and user requirements.