Downfall attacks can gather passwords, encryption keys from Intel processors

A variety of Intel Core processors and the devices using them are vulnerable to “Downfall”, a new class of attacks made possible by CVE-2022-40982, which enables attackers to access and steal sensitive data such as passwords, encryption keys, and private data from other users on the same personal or cloud computer.

CVE-2022-40982 and the Downfall attacks

“[CVE-2022-40982] is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not be normally be accessible,” Daniel Moghimi, a research scientist at Google, explained.

“I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution.”

He devised two exploitation techniques: Gather Data Sampling (GDS) and Gather Value Injection (GVI), and demonstrated how they can be used to do things like stealing AES keys, data from the Linux kernel, and more.

The GDS technique is highly practical, Moghimi says. “It took me 2 weeks to develop an end-to-end attack stealing encryption keys from OpenSSL. It only requires the attacker and victim to share the same physical processor core, which frequently happens on modern-day computers, implementing preemptive multitasking and simultaneous multithreading.”

The techniques defeat all OS and virtual machine isolation features, as well as the Intel SGX hardware security feature. They also bypass all the mitigations that have previously been put in place after the discovery of the Meltdown and Fallout/MDS attacks on Intel GPUs.

More technical details about the attacks are available in Moghimi’s paper.

What should you do?

Desktop computers, laptops, tablets, cloud servers and other devices using Intel Core processors from the Skylake chip family, the Tiger Lake family, and the Ice Lake family are affected. Newer generations of Intel Core processors – Alder Lake, Raptor Lake, and Sapphire Rapids – block the attacks.

Moghimi shared his findings with Intel in August 2022 and the company has been working on a fix. They have now released a microcode update that blocks transient results of gather instructions and prevents attacker code from observing speculative data from the Gather instruction.

“Intel recommends that users of affected Intel Processors update to the latest version firmware provided by the system manufacturer that addresses these issues,” the company advised.

“The microcode update will also provide an opt-out mechanism (using bit 4 of the IA32_MCU_OPT_CTRL MSR) which allows system software to disable the mitigation in order to avoid the performance impact on certain vectorization-heavy workloads.”

Citrix, AWS, Google, VMware and Debian have released security bulletins that inform their customers of the already implemented fixes and, in some cases, actions customers should take.

“Our findings are alarming for other CPU vendors as well,” Moghimi noted in his technical paper.

“The attack technique we demonstrated can broadly apply, even though each vendor implements Gather and SIMD register buffers differently. Our preliminary tests on AMD Zen2 showed no sign of data leaks, but we plan to continue our investigation of automated and scalable testing of other CPUs manufactured by Intel and different vendors. Intel has shared the paper (with our permission) with other CPU and software vendors so that those organizations can assess the impact on their products.”

Other recent attacks against CPUs

Previously, Google researcher Tavis Ormandy discovered Zenbleed (CVE-2023-20593), a vulnerability affecting AMD Zen2 CPUs, the exploitation of which could lead to similar results (use data theft from internal hardware registers).

Researchers from ETH Zurich have also shared their discovery of a new speculative side channel attacks against AMD processors, which they dubbed Inception. AMD has released and will be shipping a µcode patch, BIOS update, and AGESA firmware with fixes for the Inception flaw (CVE-2023-20569), and OS makers are releasing updates and mitigation options.