Downfall (security vulnerability)

See also: Transient execution CPU vulnerability

Downfall, known as Gather Data Sampling (GDS) by Intel,^[1] is a computer security vulnerability found in 6th through 11th generations of consumer and 1st through 4th generations of Intel Xeon Scalable x86-64 microprocessors.^[2] It is a transient execution CPU vulnerability which relies on speculative execution of Advanced Vector Extensions (AVX) instructions to reveal the content of vector registers.^[3][4]

Downfall

CVE identifier(s)	CVE-2022-40982
Affected hardware	6-11th gen Intel Core CPUs, 1-4th gen Intel Xeon Scalable CPUs
Website	https://downfall.page/

Vulnerability

Intel's Software Guard Extensions (SGX) security subsystem is also affected by this bug.^[4]

The Downfall vulnerability was discovered by the security researcher Daniel Moghimi, who publicly released information about the vulnerability in August 2023, after a year-long embargo period.^[5][6]

Intel promised microcode updates to resolve the vulnerability.^[1] The microcode patches have been shown to significantly reduce the performance of some heavily-vectorized loads.^[7]

Patches to mitigate the effects of the vulnerability have also been created as part of the forthcoming version 6.5 release of the Linux kernel.^[8] They include code to disable the AVX extensions entirely on CPUs for which microcode mitigation is not available.^[9]

Vendor responses

• Amazon Web Services (AWS)^[10]
• Citrix^[11]
• Dell^[12]
• Debian^[13]
• Google Cloud Platform (GCP)^[14]
• HP Inc.^[15]
• Intel^[16]
• Lenovo^[17]
• Microsoft^[18]
• Qubes OS^[19]
• Red Hat^[20]
• Supermicro^[21]
• Ubuntu^[22]
• VMware^[23]
• Xen^[24]