DanskCVE-2022-40982, known as "Downfall," is a security vulnerability affecting certain Intel processors. Discovered by Google researcher Daniel Moghimi, this flaw exploits the Gather instruction—a feature designed to accelerate data retrieval from non-contiguous memory locations. The vulnerability allows untrusted software to access sensitive data, such as passwords and encryption keys, from other programs running on the same system.
Affected Processors:
The Downfall vulnerability impacts Intel processors from the 6th through the 11th generation, including:
-
Core Processors: Skylake, Kaby Lake, Coffee Lake, Whiskey Lake, Comet Lake, Ice Lake, Tiger Lake, and Rocket Lake.
-
Xeon Processors: Xeon processors based on the same architectures.
Intel's latest products, such as Alder Lake, Raptor Lake, and Sapphire Rapids, have defense-in-depth measures in place and are not affected by this vulnerability.
Mitigation Steps:
To mitigate the Downfall vulnerability, Intel has released a microcode update. Users should install the Intel Platform Update (IPU) 23.3 microcode update, typically obtained from the original equipment manufacturer (OEM). This update enables the mitigation by default, with no option to disable it.
Performance Impact:
Applying the mitigation may result in performance overhead, particularly in workloads utilizing AVX2 and AVX-512 instructions. Performance impacts can vary depending on the specific processor model and workload characteristics. For instance, some tests have shown performance reductions ranging from 6% to 39% in certain benchmarks.
