Tuesday, October 8, 2024
Intel is Being Sued Over the ‘Downfall’ CPU Vulnerability for $10K per Plaintiff

A class-action lawsuit has been filed against Intel over the critical “Downfall” vulnerability in Intel CPUs, a defect that Intel had been aware of since 2018 but neglected to report.

According to Intel, the only way to “fix” it is to apply a patch that reduces CPU performance by up to 50% when performing some common computing tasks, such as encryption, gaming, and photo and video editing.

The plaintiffs are purchasers of Intel Central Processing Units (or “CPUs”). As a result, they are left with defective CPUs that are either extremely exposed to attacks or require drastic slowdowns.

Reports say these are not the CPUs that the plaintiffs and class members bought: they are significantly less valuable and perform very differently.

Five representative plaintiffs have filed a 112-page complaint in the San Jose Division of the United States District Court for the Northern District of California, claiming that Intel was aware of the faulty instructions that allowed for the “Downfall” bug half a decade before any sort of fix was made available.

Plaintiffs seek compensation for Intel’s willful choice to sell processors with an obviously flawed design without disclosing the fact, as well as for a purported “fix” that destroys their CPU’s performance.

Downfall Attacks Found in Billions of Modern Processors

The vulnerability was identified as CVE-2022-40982, an information disclosure vulnerability with a medium CVSS score of 6.5 that affects Intel’s sixth- to eleventh-generation CPUs.

“Attackers can exploit the vulnerability and read data from other programs and memory areas,” the report said.

Downfall attacks target a critical flaw identified in billions of modern CPUs used in personal and cloud systems. This vulnerability allows a user to get access to and steal data from other users who share the same machine.

Daniel Moghimi, a security expert at Google, reported the vulnerability to Intel on August 24, 2022, but only made the vulnerability public on August 9, 2023.

High-end CPUs started to use branch prediction in the 1990s. This speculative process was meant to keep the CPU from stalling while it waited for data from relatively slow system memory. 

This technique made significant gains in computing power and efficiency possible, and it paved the way for additional “speculative execution” strategies, such as subsystems that let CPUs carry out instructions out of order and even anticipate how they will be executed in the future.

All modern CPUs have had these execution features in place for over ten years. These days, they are an essential component of every CPU produced by Intel and its rivals; without them, CPU performance could not be expected to be high enough.

Modern CPUs also require “segmentation,” which means that privileged computer programs and the resources they consume (such as system memory and hardware) must be kept separate from user-run programs. This is also a fundamental feature of all modern CPUs.

However, Intel defectively designed these critical systems in billions of its CPUs. Intel CPUs are designed to discard the results of an execution if the CPU makes an incorrect assumption when speculatively executing instructions.

Instead, Intel’s CPUs leave behind “side effects”: data that persists in the CPU’s cache memory or temporary buffers even after the outcomes of the speculative execution are discarded.

“For years, Intel knowingly sold billions of CPUs with this massive vulnerability, which imperiled the foundation of secure networking, secure communications, and secure data storage for Intel CPUs used in PCs, in cloud servers, and in embedded computers used across the country in functional MRIs, power grids, and industrial control systems,” the report said.

After disclosing the Downfall vulnerability, Intel released a microcode update that purportedly addressed the vulnerability.

The truth is that Intel’s “mitigation” severely restricted the same systems—speculative execution and branch prediction—that are essential to the operation of any modern CPU, causing impacted CPUs to perform as much as 50% worse.

To “mitigate” their vulnerability to Downfall, plaintiffs are left with defective CPUs that must suffer significant performance and functionality impairments. These are not the CPUs they purchased.

Hence, the plaintiffs are seeking “monetary relief against Intel measured as the greater of (a) actual damages in an amount to be determined at trial or (b) statutory damages in the amount of $10,000 for each plaintiff.”

Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
