A worrying new CPU security flaw known as Downfall has been discovered, affecting Intel processors from the sixth generation Skylake processors through the eleventh generation Rocket Lake and Tiger Lake processors. Daniel Moghimi, a research scientist at Google, made the finding and Intel has acknowledged the problem in their security bulletin, INTEL-SA-00828.
The primary issue is triggered by memory optimization functions in Intel CPUs, which let software users gain access to some restricted hardware registers. This exploit leverages Gather Instructions present in the affected CPUs with AVX2 and AVX-512 support. The danger of data theft, including the loss of encryption keys and passwords, is increased as a result of malicious software’s potential to compromise software and applications.
Even more troubling is the fact that cloud computing operators may also be affected by this vulnerability. Moghimi claims that “similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer.”
The use of AVX instructions is widespread throughout many subprocesses and libraries, and they are essential to many difficult tasks like rendering and encoding programs. While there’s no immediate reason to panic, it’s still a good idea for users to be on guard by keeping an eye on their product page and adhering to instructions to update the BIOS as needed. By doing this, users can ensure that their system is protected from potential risks resulting from this vulnerability.
Implementing an upgraded BIOS with a microcode cure can frequently result in a noticeable drop in performance with vulnerabilities like these, and unfortunately, it appears to be the case here. Initial testing by Phoronix, which entailed updating Linux kernel patches and microcode, showed noticeable performance drops.
Despite the fact that they are not immune, gamers may experience the impacts of this sensitivity less severely. In contrast to compute-intensive professional and enterprise applications, games often rely less on AVX instructions, hence it is hoped that they won’t suffer from the same amount of performance deterioration.
This vulnerability is likely to have a big impact on emulation programmes. Emulators that primarily rely on the AVX-512 instruction set, like the RPCS3 PS3 emulator, are particularly prone to performance loss.
This circumstance can serve as an additional motivation for people who are thinking about upgrading to a 12th or 13th Gen system. It’s important to note that processors from the Alder Lake and Raptor Lake generations are not impacted by the Downfall vulnerability, potentially providing individuals worried about this problem with a more secure and performance-effective option.