Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. Similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer. This because the same CPU is shared amongst tenants of the cloud provider.
The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not normally be accessible. I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques.
This vulnerability was discovered by Daniel Moghimi.
Demos on the vulnerability
In the downfall page, you'd find a few demos on how this attack can be performed.
- Stealing AES keys from another user
- Stealing arbitrary data from Linux Kernel
- Spying on printable character
Moghimi developed two Downfall attack techniques, Gather Data Sampling (GDS) - which is also the name Intel uses to refer to the issue and Gather Value Injection (GVI) - which combines GDS with the Load Value Injection (LVI) technique disclosed in 2020.
Using the GDS technique, Moghimi was able to steal AES 128-bit and 256-bit cryptographic keys on a separate virtual machine (VM) from the controlled one, with each system on sibling threads of the same CPU core.
In less than 10 seconds, eight bytes at a time, the researcher managed to steal AES round keys and combine them to break the encryption.
Extent of vulnerability
While the primary concern would be any device running the Intel chipset, what I find to me more damning is the fact that cloud providers are not immune to this attack.
Hardware vulnerabilities have become prevalent since the discovery of the Speculative Execution vulnerability which affected both Intel and AMD. It is obvious that hardware level vulnerability was not something that was ever consiered by the manufacturers as there were very few research that happened before Speculative Execution.
Intel told BleepingComputer that the issue does not impact Alder Lake, Raptor Lake, and Sapphire Rapids and that Downfall affects the following three families of processors:
- Skylake family (Skylake, Cascade Lake, Cooper Lake, Amber Lake, Kaby Lake, Coffee Lake, Whiskey Lake, Comet Lake)
Tiger Lake family
- Ice Lake family (Ice Lake, Rocket Lake)
Vivek Tiwari, Intel's Vice President of Remediation and Response Engineering, believes that “trying to exploit this outside of a controlled lab environment would be a complex undertaking.”
But what are vulnerabilities/exploits if it isn't exploiting outside of a lab environment?
Intel mentioned to BleepingComputer that customers can review the risk assessment guidance from the company and decide on disabling the microcode mitigation through mechanisms available in Windows and Linux as well as virtual machine managers (VMMs).
The patch?
A hardware microcode was suppose to be deployed to address the vulnerability. This update is issued by Intel for all the affected chipsets which blocks transient results of gather instructions and prevent attacker code from observing speculative data from Gather.
Software-based alternatives exist, although these come with caveats and are temporary solutions to the problem. Moghimi proposes four such alternatives, three of them with significant disadvantages:
- Disabling simultaneous multithreading (SMT) can partially mitigate GDS and GVI attacks, but cutting hyperthreading comes with a 30% loss in performance and leaks across context switching still occur.
- Disallowing affected instructions through the operating system and the compiler to prevent them from leaking secrets to gather; the downside is some apps could be disrupted and the leak still happens if some instructions are missed
- Disabling gather. The drawback here is that applications using the instruction could become slow or even break
- Preventing transient data forwarding after the gather instruction (adding a load fence, e.g. the lfence instruction) can mitigate Downfall and is the solution that Intel adopted with the latest microcode update
Moghimi warns, though, that without eliminating the root cause of the problem “automated testing can practically find new vulnerabilities in CPUs.”
Reference
Moghimi D.(2023). Downfall, Retrieved from https://downfall.page/
Ilascu, I. (2023). New Downfall attacks on Intel CPUs steal encryption keys, data. Retrieved from https://www.bleepingcomputer.com/news/security/new-downfall-attacks-on-intel-cpus-steal-encryption-keys-data/
Intel, Retrieved from
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/microcode-update-guidance.html
Intel, Retrieved from https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/threat-analysis-gds.html
Intel, Retrieved from https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/gds-mitigation-performance-analysis.html