Google unveils 'Downfall' attacks, vulnerability in Intel chips

Google researcher Daniel Moghimi first reported CVE-2022-40982 and the resulting data leak attacks to Intel in August 2022, but it's taken nearly 12 months to disclose the flaw.

LAS VEGAS -- Just when you thought it was safe for modern microprocessors after Meltdown and Spectre, a new vulnerability for Intel chips threatens to expose sensitive data.

Google on Tuesday disclosed "Downfall," a new class of attacks that exploits a vulnerability in speculative data gathering functions in superscalar processors, a market Intel dominates. The vulnerability, CVE-2022-40982, is caused by a memory optimization feature within modern Intel chip architectures and affects the company's Core processors, from the sixth-generation Skylake series to the 11th-generation Tiger Lake chips.

CVE-2022-40982 was first discovered by Daniel Moghimi, a senior research scientist at Google, who will discuss his findings during a Wednesday session at Black Hat USA 2023. The vulnerability allows a user to access and steal data from another user on the same CPU and could be used to obtain passwords, encryption keys and other high-value information.

Moghimi discovered that threat actors could abuse the gather instruction for Intel's superscalar processors, which are designed for faster accessing of data in memory. While gather is meant to collect data in memory and move it to the CPU's vector register, he found that the instruction leaked the data during speculative execution.

Moghimi spoke with TechTarget Editorial prior to the session about the vulnerability and the resulting Downfall attacks. In the wake of the Meltdown and Spectre disclosures in 2018, he took a greater interest in microprocessor flaws. And like a lot of security researchers, he said, he felt that the mitigations and fixes the major chipmakers deployed had essentially eliminated any future speculative or transient execution side-channel attacks.

The gather instruction is basically a tool that enables the data leaks. The root cause is that we have this memory inside the CPU core, and the CPU shares it with other applications, and isolating this memory is difficult.
Daniel MoghimiSenior research scientist, Google

That was not the case. Moghimi said he began looking at the gather instruction last summer and soon discovered the Downfall attacks. While he reported the vulnerability to Intel in August 2022, public disclosure was held for a year because of the time needed to study the vulnerability and the implications of the attacks.

"I understood how this [gather] instruction worked, and that gave me the intuition that it could leak and steal data," he said. "I wasn't surprised that it leaked data from an application, but I was more surprised it would leak data from vector register files."

Moghimi explained that the vector register is essentially memory inside the CPU core that was introduced 15 years ago with the Advanced Vector Extensions technology, which was implemented in AMD and Intel x86 chips. "The root cause of this problem is actually not the gather instruction," he said. "The gather instruction is basically a tool that enables the data leaks. The root cause is that we have this memory inside the CPU core, and the CPU shares it with other applications, and isolating this memory is difficult."

To exploit CVE-2022-40982, Moghimi developed two attack techniques, which are detailed in his technical paper on Downfall. The first, Gather Data Sampling, is a "highly practical" attack, according to the Downfall-dedicated website, that allows an attacker to steal data from CPU components. The second attack, Gather Value Injection, gives threat actors the ability to turn the data leaks into microarchitectural data injections.

While Downfall attacks could be particularly devastating on CPUs in a cloud infrastructure or virtual machines and could affect a significant number of users on a shared system, Moghimi emphasized that the vulnerability poses a serious threat to endpoint devices as well. In fact, he said that in theory, it is possible to execute this attack in a web browser, though he cautioned that he had not tested such an exploit for Downfall.

"There are potential situations where your personal computer is infected with malware and that malware doesn't have access to all your files and resources, but this kind of exploit could enable that malware [to steal additional data]," he said.

Mitigations for Downfall attacks

As previous mitigations for Meltdown and Spectre flaws were not effective in preventing Downfall attacks, Intel released new microcode updates Tuesday for CVE-2022-40982. The chipmaker also published a full list of affected processors.

Moghimi said he reviewed the fixes and they appear to close off the data leakage, but he emphasized that work needs to be done to analyze the attack vector and the updates. Like previous fixes for Meltdown and Spectre vulnerabilities, the updates for Downfall come at a price. Moghimi said that according to Intel, some workloads could suffer up to 50% overhead. However, there aren't viable alternatives to patching.

Even if an organization's applications aren't using vector instructions, he said, an attacker could still execute them to commit Downfall attacks. In a FAQ on the Downfall website, Moghimi strongly urged users to not disable the Intel mitigations for performance reasons, calling it "a bad idea" because affected microprocessors use vector registers to optimize common operations that would continue to leak data.

An Intel spokesperson sent the following statement to TechTarget: 

"The security researcher, working within the controlled conditions of a research environment, demonstrated the GDS issue which relies on software using Gather instructions. While this attack would be very complex to pull off outside of such controlled conditions, affected platforms have an available mitigation via a microcode update. Recent Intel processors, including Alder Lake, Raptor Lake and Sapphire Rapids, are not affected. Many customers, after reviewing Intel's risk assessment guidance, may determine to disable the mitigation via switches made available through Windows and Linux operating systems as well as VMMs [virtual machine managers]. In public cloud environments, customers should check with their provider on the feasibility of these switches."

Intel isn't the only chipmaker that makes superscalar processors, and Moghimi wrote in his technical paper that the Downfall findings "are alarming for other CPU vendors as well." He noted that preliminary tests on AMD Zen 2 chips showed no signs of data leakage, but more work is needed to study this class of vulnerability.

Moghimi guessed that the reason CVE-2022-40982 and the gather-related attacks weren't discovered sooner is because there has been less research and focus on SIMD -- single instruction, multiple data -- instructions and advanced CPU extensions. He said more attention appears to have been devoted to normal instructions post-Meltdown and Spectre.

It's hard to say whether CVE-2022-40982 will require significant architectural changes for future Intel chips, according to Moghimi. In one respect, Intel is lucky because it only had to develop a microcode update for one instruction with gather.

"But imagine if you had five different instructions that were leaking data from the register files," he said. "Then you could not just fix it with a microcode update. You'd need a fundamental way to isolate those memory components inside the CPU core."

Rob Wright is a longtime technology reporter who lives in the Boston area.

Dig Deeper on Threats and vulnerabilities