Summary :
On August 8, 2023, Intel released multiple security advisories including details on the 'Downfall' information disclosure vulnerability ( CVE-2022-40982 ).
CVE Identifier :
CVE-2022-40982
Vulnerability overview
Name : Downfall
CVE : CVE-2022-40982Description : Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel ( R ) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Issue Summary :
Refer to Intel information resources:
- Intel security advisories
- Downfall Vulnerability Documentation:
♦ Gather Sampling Data Technical Paper
♦ Threat Analysis Assessment for GDS Paper
♦ Gather Data Sampling Performance Data Analysis Paper
The security of our products is a top priority and critical to protecting our customers. We release new BIOS for affected Atrust products.
Impact on Atrust Products Pertaining to Downfall Vulnerability :
Affected processors : Kaby Lake
CPUID : 806E9
BIOS update for the Affected projects : PC300, PC310
Affected processors : Tiger Lake
PUID : 806C0, 806C1, 806C2
BIOS update for the Affected projects : PC150, t226W, t226L, mt183W, mt183L
Additional Information :
See the researcher-created Downfall Attack vulnerability dedicated website for additional information and technical details.