Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Intel "Downfall” attack CVE-2022-40982
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Intel "Downfall” attack CVE-2022-40982

keplerkepler Member

Another day, another vulnerability. Not going to make this a wall of text post since the dedi site for it explained it better.
https://downfall.page/

Comments

  • ZyraZyra Member

    here we go again

  • just prey to the hacker gods they don't smite you today

  • PulsedMediaPulsedMedia Member, Patron Provider
    edited August 2023

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982

    Creation date of the CVE was last fall.

    Affected 6th to 11th gen

  • Debian sid latest intel microcode update is dated 20230512 and for "undisclosed security issue" but tagged as urgency=medium. Does the author got to wait for manufacturer to release patch for the embargo to end before making this public?
    https://metadata.ftp-master.debian.org/changelogs//non-free-firmware/i/intel-microcode/intel-microcode_3.20230512.1_changelog

  • [Q] How did you create the logo?

    [A] I used the DALL·E 2 AI system to create the logo.

    It was fun imagining a guy being tasked to design a cool logo for a vulnerability, not anymore I guess. Gone are those days.

  • jsgjsg Member, Resident Benchmarker
    edited August 2023

    @kepler said:
    Debian sid latest intel microcode update is dated 20230512 and for "undisclosed security issue" but tagged as urgency=medium. Does the author got to wait for manufacturer to release patch for the embargo to end before making this public?
    https://metadata.ftp-master.debian.org/changelogs//non-free-firmware/i/intel-microcode/intel-microcode_3.20230512.1_changelog

    Not "does have to" but it's normal practice. It seems that "hackers must not know about it!" is considered more critically important than "normal users should know about it!". Also, coincidence, coincidence, this practice just so happens to make the giants happier, i.e. the real culprits.

    To avoid misunderstandings: Downfall is worse and more dangerous than most other major clusterf#cks (like e.g. 'Falldown').

    Oh, and: intel's plaster weighs very heavy on performance. Up to about 50%.

  • LeviLevi Member

    Once again, big words and loud shouts, but in practice - 0 impact on average Joe.

    Thanked by 1PineappleM
  • tentortentor Member, Host Rep
    edited August 2023

    @LTniger said:
    Once again, big words and loud shouts, but in practice - 0 impact on average Joe.

    Average "I have nothing to hide"?

    From downfall description:

    malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages.

  • LeviLevi Member

    @tentor said: Average "I have nothing to hide"?

    Nope. Just real world experience. I have hundreds of VPS across multiple providers with ranging CPUs from E3 to EPYC. No problems regarding stealing data. Let alone banking details... What the fuck. Do you allow strangers on your own linux desktop PC? All these vulns do not bother average Joe in low end world. Heck, even in a medium end world.

    In big corpos, yes, there is valuable data to steal and crackers probably will invest time into this.

    Does anyone experienced first hand direct damage for any previous Intel/AMD CPU vulns?

    Thanked by 1PineappleM
  • tentortentor Member, Host Rep
    edited August 2023

    @LTniger said:
    Do you allow strangers on your own linux desktop PC?

    I think you just didn't get the point. Hacker don't need physical access, they only need to convince a victim to run some binary. And as far as I know, even this process got automated. So hackers do not spend much time on that attacks, as well as they do not try to target someone specific.

    If you think this is not common - you are lucky or clever enough to not run such software.

    However information stealer malware is pretty common, unfortunately. There are plenty of bank details entries got sold each day on shady blackhat forums as well as credentials for personal accounts that does not have anything valuable such as government secrets or anything.

    Such vulnerabilities makes it much easier for hackers to steal data and not trigger anything like UAC on Windows systems or do not require running under root on Linux systems.

  • LeviLevi Member

    Lucky intel to be able to patch this via microcode update.

  • cxgcxg Member

    Dies anybody know how this is handled for stable? Any updates incoming?

  • suutsuut Member
    edited August 2023

    Intel has fixed this bug. It's called: Fixed the bug that the old device was too smooth. :'(

Sign In or Register to comment.