Intel Vulnerability ( INTEL-SA-00828 / CVE-2022-40982 ) Impact on Atrust products

Summary :
On August 8, 2023, Intel released multiple security advisories including details on the 'Downfall' information disclosure vulnerability ( CVE-2022-40982 ).

CVE Identifier :

Vulnerability overview
Name : Downfall
CVE : CVE-2022-40982Description : Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel ( R ) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Issue Summary :
Refer to Intel information resources:

The security of our products is a top priority and critical to protecting our customers. We release new BIOS for affected Atrust products.

Impact on Atrust Products Pertaining to Downfall Vulnerability :
Affected processors : Kaby Lake
CPUID : 806E9
BIOS update for the Affected projects : PC300, PC310

Affected processors : Tiger Lake
PUID : 806C0, 806C1, 806C2
BIOS update for the Affected projects : PC150, t226W, t226L, mt183W, mt183L

Additional Information :
See the researcher-created Downfall Attack vulnerability dedicated website for additional information and technical details.