• EN

New Vulnerability in Intel Processors – Downfall

JMeixner
Userlevel 7
Badge +17

All Intel processors from 2015 to 2022 are affected by a vulnerability called “Downfall”. Attackers can grab sensitive information from other users on a computer like password, encryption keys and personal data. Google found this flaw nearly a year ago and reported is to Intel.

The flaw is in the processor’s memory optimization and makes unintended  internal hardware register accessible by software. This can be used on multi-user computer to get information from other users. On single-user computer malicious applications or apps can use this flaw.  Another scenario is to attack cloud-computer that are located on the same physical infrastructure. So, nearly all computer users are affected.

Antivirus software cannot detect this kind of attack. So, patching is the only solution for this situation.

Intel provides fixes for their processor’s firmware, but they have to be distributed by the device manufactures. They will create tailored patches for their devices based on the code provided by Intel. So, this can take some time.

Some information from Intel:

https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html?wapkw=Downfall
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/gather-data-sampling.html?wapkw=downfall

https://community.intel.com/t5/Blogs/Products-and-Solutions/Security/Chips-Salsa-Episodes-56-and-57-Gather-Data-Sampling-Downfall-and/post/1508842?wapkw=downfall

Some further information:

https://www.wired.com/story/downfall-flaw-intel-chips/

Jochen (Joe) Meixner | Veeam Vanguard 2024 | Veeam Legend 2021 - 2023 | Veeam Certified Architect (VMCA) 2022 | Twitter: @JoMeix | BlueSky: @jmeixner.bsky.social

11 comments

coolsport00
Userlevel 7
Badge +17

Yes...saw a little about this yesterday. Another horrible CPU vulnerability😕 Thank you for sharing @JMeixner 

Shane Williford - Veeam VMCA/VMCE | Veeam Legend | VUG Leader | VCP-DCV | Twitter: @coolsport00
MarcoLuvisi
Userlevel 7
Badge +5

With this vulnerability we are all potentially attackable 🤐

Thanks @JMeixner for share info

Marco Luvisi | VCP-VCAP | MCP | NCDA-NCSE | VMTSP | SCA | VUG Italy Leader
vAdmin
Userlevel 7
Badge +2

Wow, another big vulnerability published :-o THank you for sharing @JMeixner 

Microsoft Azure Solutions Architect Expert, VMware Certified Professional - DCV 7, Citrix Certified Professional Virtualization (CCP-V), ITIL Practitioner
Chris.Childerhose
Userlevel 7
Badge +20

Read about this one yesterday in a news feed.  Pretty bad and will be for most IT Administrators to get this patched and not affect ancillary programs like VMware, etc.

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
victorwu
Userlevel 7
Badge +7

Thank you for your sharing @JMeixner 😉

Victor Wu
dloseke
Userlevel 7
Badge +6

This for posting this….I hate how much we’re beginning to see hardware vulnerabilities via microcode and firmware.  This looks like another bad one so we’ll have to stay on top of firmware updates as usual, but they’re far to easy to miss and remain vulnerable.

Derek M. Loseke, Senior Systems Engineer | Veeam Legend 2022-2023 | VMSP/VMTSP | VCP6-DCV | VSP/VTSP | CCNA | https://technotesanddadjokes.com | @dloseke
MicoolPaul
Userlevel 7
Badge +20

Just saw a performance impact digest, up to 39% performance reduction in workloads that use the impacted instruction 😩

Michael Paul - #VeeamLegend | #VeeamVanguard | Veeam Certified Architect | VMware vExpert | https://micoolpaul.com | Twitter: @MicoolPaul | Mastodon: @micoolpaul@masto.nu | Bluesky: @micoolpaul.bsky.social
dloseke
Userlevel 7
Badge +6

Wish I could say I was surprised.  Last time we went though processor vulnerabilities with Intel, there were performance impacts as well.

Derek M. Loseke, Senior Systems Engineer | Veeam Legend 2022-2023 | VMSP/VMTSP | VCP6-DCV | VSP/VTSP | CCNA | https://technotesanddadjokes.com | @dloseke
HunterLAFR
Userlevel 7
Badge +8

dang it!
it will never stops!
I do remeber we had a “situation” with a processor, after upgrading, it just died and we had to call customer support to get it replaced, losing one ESXi Server for a couple of days.

thanks for sharing.

cheers.

Luis F.- HunterLF - HunterLAFR - lfconsulting.org
dips
Userlevel 7
Badge +7

Thanks for sharing @JMeixner 

Has anyone started seeing any updates from the manufacturers and if you have installed the update, what type of performance impact are you seeing?

I reckon SQL workloads might be impacted the most.

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2023 | www.dipen.co.uk
JMeixner
Userlevel 7
Badge +17

I haven’t seen any updates from manufactures up to now. Intel has delivered code to them and they are in the process to build tailored fixes.

Jochen (Joe) Meixner | Veeam Vanguard 2024 | Veeam Legend 2021 - 2023 | Veeam Certified Architect (VMCA) 2022 | Twitter: @JoMeix | BlueSky: @jmeixner.bsky.social

Comment


Terms & Conditions