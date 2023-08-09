Intel announced that it has addressed a security vulnerability known as “Downfall” in its processors. The flaw was discovered by security researcher Daniel Moghimi from the University of California San Diego. The vulnerability affects Intel processors released between 2015 and 2019, specifically those from the 6th Gen Skylake to the 11th Gen Tiger Lake. Intel has provided a list of affected chips.

The vulnerability, also referred to as Gather Data Sampling (GDS) by Intel, allows hackers to target high-value credentials such as passwords and encryption keys. The attack requires the attacker and victim to share the same physical CPU core. While this may seem unlikely, given the prevalence of multitasking, multithreading, servers, and cloud computing, Moghimi suggests that this flaw likely impacts a large number of users.

Intel has released a fix for the vulnerability, but it comes with a significant performance impact for certain types of workloads. Scientific and visualization engineering workloads are expected to be most affected, with the mitigation causing up to a 50% overhead depending on the workload.

To address this issue, Intel has implemented the mitigation by default but also offers an opt-out mechanism for users to disable it. However, this means that it is uncertain which Intel servers are immune to the vulnerability because the decision to apply the fix is in the hands of the server owner.

Intel stated that Moghimi discovered the vulnerability in a controlled research environment, and it would be challenging to execute the attack outside of such conditions. Intel also confirmed that recent processors like Alder Lake, Raptor Lake, and Sapphire Rapids are not affected.

Customers are advised to review Intel’s risk assessment guidance and may choose to disable the mitigation through switches available in Windows and Linux operating systems, as well as virtual machine monitors (VMMs). In public cloud environments, customers should consult their provider to inquire about the feasibility of using these switches.