Downfall Intel CPU side-channel attack exposes sensitive data

From securityaffairs.com

Google researcher Daniel Moghimi devised a new side-channel attack technique against Intel CPUs, named Downfall, that relies on a flaw tracked as CVE-2022-40982.

An attacker can exploit this vulnerability to access and steal data from other users who share the same systems. Malware can carry out a Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages.

The attack could be more dangerous in cloud computing environments because the attacker could exploit the Downfall issue to steal sensitive data from other customers who share the same cloud computer.

“The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not normally be accessible,” wrote Moghimi. “I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques.”
