Downfall is a new 'severe' flaw in Intel CPUs, while AMD deal with INCEPTION

Uh oh! Another rather serious security flaw has been found in Intel CPUs named Downfall, so here's a bit of info on it. Additionally, AMD are also dealing with INCEPTION.

First up, the details on the Intel side.

Discovered by Google researcher Daniel Moghimi who put up a dedicated website for it, the issue affects Intel generations from Skylake to 11th gen Tiger Lake and allows attackers to target things like passwords and encryption keys which can then lead onto all sorts of problems. It's listed under CVE-2022-40982 and Intel has confirmed it and they're calling it 'Gather Data Sampling (GDS)' but Downfall sounds cooler.

As Moghimi explained in the brief:

This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. Similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer.

The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not be normally be accessible. I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques.

You can read the full paper on it here and a full list of affected processors here.

Intel said there may be a performance impact of "up to 50%" with mitigations, although they also claim the impact to "most workloads is minimal".

The other side of this is AMD with INCEPTION discovered by Daniël Trujillo, Johannes Wikner, and Kaveh Razavi of ETH Zurich noted as CVE-2023-20569. The summary for this from AMD:

AMD has received an external report titled ‘INCEPTION’, describing a new speculative side channel attack. The attack can result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. This attack is similar to previous branch prediction-based attacks like Spectrev2 and Branch Type Confusion (BTC)/RetBleed. As with similar attacks, speculation is constrained within the current address space and to exploit, an attacker must have knowledge of the address space and control of sufficient registers at the time of RET (return from procedure) speculation. Hence, AMD believes this vulnerability is only potentially exploitable locally, such as via downloaded malware, and recommends customers employ security best practices, including running up-to-date software and malware detection tools.

What AMD processors are affected? Looks like most Zen generation processors.

AMD did say they're not aware of any exploit using it outside of the research environment at this time.

So you'll want to keep an eye on any system updates coming through regardless of being on AMD or Intel, to ensure you're up to date and fully protected. Better to be safe than sorry eh? You should also keep an eye out for any needed BIOS updates as they come in.