Daniel Moghimi, a security researcher at Google, has found a significant new vulnerability in Intel processors. It has been named Downfall because it is, in a sense, a “relative” of already well-known flaws such as Meltdown and Fallout, and it affects all Intel Core processors from the sixth (Skylake) to the eleventh (Tiger Lake) generation.
Note that Tiger Lake covers only the “mobile” chips of the Core 11 series, intended for ultrabooks and tablets, while the desktop/server chips carry the codename Rocket Lake; Tiger Lake came out in 2020 and Rocket Lake in 2021. It is not entirely clear whether this is an inaccuracy on the researcher's part or whether the Rocket Lake chips are indeed immune, as the twelfth- and thirteenth-generation Cores (Alder Lake and Raptor Lake) are. The researcher explains that the vulnerability affects all chips with the AVX2 and AVX-512 instruction sets; Rocket Lake has AVX-512, so the former seems more likely. For now, though, there is no direct confirmation.
It’s worth noting that this matters even if you don’t own one of the processors involved: Intel dominates the server market with over 70% market share, and according to Moghimi, basically anyone connected to the internet is at risk. Intel has been aware of the problem for a very long time (almost a year, even), time that was used to prepare countermeasures and mitigations. Theoretically, the performance impact could be drastic, as high as 50%, but Intel says it hasn’t seen any slowdowns with “most” workloads.
Without getting too technical, this vulnerability also has to do with so-called speculative execution, the set of technologies by which the processor tries to “predict” the next operations required and performs them in advance to save time. Flaws like Meltdown and Spectre fall into the same category, but apparently Downfall bypasses all the security measures implemented by Intel. In a nutshell, a hacker may be able to extract very sensitive data such as passwords and cryptographic keys, which in turn can be used to steal all kinds of information, financial data included.
According to Moghimi, the risk is very real because, once the Downfall mechanism is known, it is relatively easy to develop an exploit. “The only requirement is that the hacker and the victim use the same physical core of the processor,” a very common scenario in modern systems. More technical information for those wishing to learn more is available on the official website of the vulnerability, which you can find by following the SOURCE link below. A small curiosity: the Downfall logo, reproduced at the beginning of this article, was created by OpenAI’s generative artificial intelligence DALL-E 2.
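As an added example (not from the article or from Moghimi's research), the shell script below shows how an administrator could check a Linux host against the criteria discussed above: whether the CPU advertises AVX2 or AVX-512, and what the kernel reports about the mitigation. It assumes a Linux kernel recent enough to expose the `gather_data_sampling` entry under sysfs (Gather Data Sampling is Intel's name for this flaw); the function names and result labels are chosen here for illustration.

```shell
#!/bin/sh
# Added example: classify a Linux host's Downfall exposure.
# Assumption: the kernel exposes the gather_data_sampling sysfs entry.
# Both paths can be overridden, e.g. to inspect files copied from another host.
CPUINFO=${CPUINFO:-/proc/cpuinfo}
GDS_STATUS=${GDS_STATUS:-/sys/devices/system/cpu/vulnerabilities/gather_data_sampling}

# Succeeds if the first "flags" line lists AVX2 or any AVX-512 feature.
# Plain "avx" does not count: the article names AVX2 and AVX-512 only.
has_wide_vectors() {
    grep -m1 '^flags' "$1" 2>/dev/null | tr ' \t' '\n\n' |
        grep -Eq '^(avx2|avx512[a-z0-9_]*)$'
}

# Prints one label: not-affected, mitigated, vulnerable,
# unknown-needs-review or no-avx.
downfall_status() {
    cpuinfo=$1
    sysfs=$2
    if [ -r "$sysfs" ]; then
        # The kernel's own verdict is authoritative when present.
        case "$(cat "$sysfs")" in
            "Not affected"*) echo not-affected ;;
            Mitigation*)     echo mitigated ;;
            Vulnerable*)     echo vulnerable ;;
            *)               echo unknown-needs-review ;;  # e.g. inside a VM
        esac
    elif has_wide_vectors "$cpuinfo"; then
        # Kernel predates the report; the feature flags alone cannot
        # settle cases like Rocket Lake, so flag the host for review.
        echo unknown-needs-review
    else
        echo no-avx
    fi
}

downfall_status "$CPUINFO" "$GDS_STATUS"
```

A result of `vulnerable` or `unknown-needs-review` means the host still needs a microcode and kernel update check; `mitigated` only reflects what the running kernel reports.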