Intel "Downfall" attack CVE-2022-40982
Another day, another vulnerability. Not going to make this a wall of text post since the dedi site for it explained it better.
https://downfall.page/
Comments
here we go again
just pray to the hacker gods they don't smite you today
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982
Creation date of the CVE was last fall.
Affected 6th to 11th gen
Debian sid's latest Intel microcode update is dated 20230512 and is for an "undisclosed security issue" but tagged as urgency=medium. Does the author have to wait for the manufacturer to release a patch for the embargo to end before making this public?
https://metadata.ftp-master.debian.org/changelogs//non-free-firmware/i/intel-microcode/intel-microcode_3.20230512.1_changelog
[Q] How did you create the logo?
[A] I used the DALL·E 2 AI system to create the logo.
It was fun imagining a guy being tasked to design a cool logo for a vulnerability, not anymore I guess. Gone are those days.
Not "does have to" but it's normal practice. It seems that "hackers must not know about it!" is considered more critically important than "normal users should know about it!". Also, coincidence, coincidence, this practice just so happens to make the giants happier, i.e. the real culprits.
To avoid misunderstandings: Downfall is worse and more dangerous than most other major clusterf#cks (like e.g. 'Falldown').
Oh, and: intel's plaster weighs very heavy on performance. Up to about 50%.
Once again, big words and loud shouts, but in practice - 0 impact on average Joe.
Average "I have nothing to hide"?
From downfall description:
Nope. Just real world experience. I have hundreds of VPS across multiple providers with ranging CPUs from E3 to EPYC. No problems regarding stealing data. Let alone banking details... What the fuck. Do you allow strangers on your own linux desktop PC? All these vulns do not bother average Joe in low end world. Heck, even in a medium end world.
In big corpos, yes, there is valuable data to steal and crackers probably will invest time into this.
Has anyone experienced first-hand direct damage from any previous Intel/AMD CPU vulns?
I think you just didn't get the point. Hackers don't need physical access, they only need to convince a victim to run some binary. And as far as I know, even this process got automated. So hackers do not spend much time on those attacks, and they do not try to target someone specific.
If you think this is not common - you are lucky or clever enough to not run such software.
However, information stealer malware is pretty common, unfortunately. Plenty of bank details entries get sold each day on shady blackhat forums, as well as credentials for personal accounts that do not have anything valuable such as government secrets or anything.
Such vulnerabilities make it much easier for hackers to steal data without triggering anything like UAC on Windows systems or needing to run as root on Linux systems.
Patch finally being pushed into the Debian repo
https://metadata.ftp-master.debian.org/changelogs//non-free-firmware/i/intel-microcode/intel-microcode_3.20230808.1_changelog
Lucky intel to be able to patch this via microcode update.
Does anybody know how this is handled for stable? Any updates incoming?
Intel has fixed this bug. It's called: Fixed the bug that the old device was too smooth.
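To check whether the microcode fix discussed in the thread is actually active on a Linux host, the sketch below reads the kernel's own Downfall (Gather Data Sampling) status and the loaded microcode revision. It is an added example, not part of the original thread; it assumes a kernel that exposes the `gather_data_sampling` sysfs entry, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report Downfall/GDS mitigation state on Linux.
# Assumption: the running kernel exposes the gather_data_sampling sysfs entry.
GDS_SYSFS=/sys/devices/system/cpu/vulnerabilities/gather_data_sampling

# Print the kernel's GDS status line; kernels without GDS support lack the file.
gds_status() {
    f=${1:-$GDS_SYSFS}
    if [ -r "$f" ]; then
        head -n 1 "$f"
    else
        echo "Unknown: kernel does not report GDS"
    fi
}

# Map a status line to a verdict:
#   ok       - CPU not affected, or the microcode mitigation is active
#   degraded - kernel disabled AVX because the microcode lacks the fix
#   action   - vulnerable: install the microcode update and reboot
#   unknown  - no report, or a guest that depends on the hypervisor
classify_gds() {
    case "$1" in
        "Not affected"*)             echo ok ;;
        "Mitigation: Microcode"*)    echo ok ;;
        "Mitigation: AVX disabled"*) echo degraded ;;
        "Vulnerable"*)               echo action ;;
        *)                           echo unknown ;;
    esac
}

# Print the loaded microcode revision from a cpuinfo-format file.
microcode_rev() {
    awk -F': *' '/^microcode/ { print $2; exit }' \
        "${1:-/proc/cpuinfo}" 2>/dev/null || true
}

# One-line summary; both arguments are optional file paths (used for testing).
gds_report() {
    status=$(gds_status "$1")
    rev=$(microcode_rev "$2")
    echo "status=$status verdict=$(classify_gds "$status") microcode=${rev:-n/a}"
}

gds_report
```

On a VPS the status often reads as unknown, because the guest cannot see whether the host's microcode carries the fix.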