There is "an opt-out mechanism" that can disable the fix to restore full speeds, though Moghimi doesn't recommend using it. Intel says that mitigations for downfall can reduce performance for workloads that rely on the Gather instruction by up to 50 percent. Not affected are Intel's newer 12th- and 13th-generation CPU architectures (aka Alder Lake and Raptor Lake), low-end CPUs in the Atom, Pentium, and Celeron families (Apollo Lake, Jasper Lake, Gemini Lake, and others), or older CPU architectures like Haswell and Broadwell (currently only officially supported in servers, but also used in 4th- and 5th-generation Core CPUs for consumer PCs). Downfall also affects Xeon server and workstation processors and any Pentium and Celeron processors based on those same architectures. He says he disclosed the bug to Intel about a year ago and describes Downfall as a "successor" to previous speculative-execution bugs like Meltdown and Fallout.Īccording to Intel's support pages-one here for the Downfall bug, one here that lays out the status of multiple CVEs across Intel's CPU lineup-Downfall affects all processors based on the Skylake, Kaby Lake, Whiskey Lake, Ice Lake, Comet Lake, Coffee Lake, Rocket Lake, and Tiger Lake architectures, along with a handful of others.įor those of you who can't keep your lakes straight, that means most CPUs in Intel's 6th through 11th-generation Core lineups for consumer PCs, sold starting in 2015 and still available in some new systems today. Moghimi has published a white paper ( PDF) along with the Downfall website (and its DALL-E 2-generated logo). Intel’s Downfallįor systems that use Intel's Software Guard Extensions (SGX) memory encryption, Intel's microcode fix must be loaded via firmware for systems without SGX, the new microcode fix can be loaded via firmware or at the OS level. It will be up to your PC, server, or motherboard manufacturer to release firmware updates with the fixes after Intel and AMD make them available. Consumer, workstation, and server CPUs are all affected, making patching particularly important for server administrators. Both companies have also said that they're not aware of any active in-the-wild exploits of either vulnerability. " Downfall" and " Inception" (respectively) are different bugs, but both involve modern processors' extensive use of speculative execution (a la the original Meltdown and Spectre bugs), both are described as being of "medium" severity, and both can be patched either with OS-level microcode updates or firmware updates with fixes incorporated.ĪMD and Intel have both already released OS-level microcode software updates to address both issues. Yesterday, different security researchers published details on two different vulnerabilities, one affecting multiple generations of Intel processors and another affecting the newest AMD CPUs. It's a big week for CPU security vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |