Downfall (security vulnerability)
Downfall is a computer security vulnerability found in recent generations of Intel x86-64 microprocessors. It is a side-channel attack which relies on speculative execution of AVX instructions to reveal the content of vector registers.[1][2] Intel's SGX security subsystem is also affected by this bug.[2]
The Downfall vulnerability was discovered by the security researcher Daniel Moghimi, who publicly released information about the vulnerability in August 2023, after a year-long embargo period.[3][4] Intel uses the name "Gather Data Sampling" to describe the vulnerability.[5]
Intel has promised a microcode update to resolve the vulnerability.[5] Patches to mitigate the effects of the vulnerability have also been created as part of the forthcoming version 6.5 release of the Linux kernel.[6]
References
- ^ Newman, Lily Hay. "New 'Downfall' Flaw Exposes Valuable Data in Generations of Intel Chips". Wired. ISSN 1059-1028. Retrieved 2023-08-08.
- ^ a b "New Downfall attacks on Intel CPUs steal encryption keys, data". BleepingComputer. Retrieved 2023-08-08.
- ^ "Google unveils 'Downfall' attacks, vulnerability in Intel chips". Security. Retrieved 2023-08-08.
- ^ "Intel DOWNFALL: New Vulnerability Affecting AVX2/AVX-512 With Big Performance Implications". www.phoronix.com. Retrieved 2023-08-08.
- ^ a b "Gather Data Sampling". Intel. Retrieved 2023-08-08.
- ^ "Linux 6.5 Patches Merged For Intel GDS/DOWNFALL, AMD INCEPTION". www.phoronix.com. Retrieved 2023-08-09.
External links
 | This computing article is a stub. You can help Wikipedia by expanding it. |
 | This computer security article is a stub. You can help Wikipedia by expanding it. |