Downfall (security vulnerability)

Downfall, known as Gather Data Sampling (GDS) by Intel, is a computer security vulnerability found in the 6th through 11th generations of Intel's consumer x86-64 microprocessors and the 1st through 4th generations of its Xeon microprocessors. It is a transient execution CPU vulnerability which relies on speculative execution of Advanced Vector Extensions (AVX) instructions to reveal the content of vector registers.

Vulnerability
Intel's Software Guard Extensions (SGX) security subsystem is also affected by this bug.

The Downfall vulnerability was discovered by the security researcher Daniel Moghimi, who publicly released information about the vulnerability in August 2023, after a year-long embargo period.

Intel promised microcode updates to resolve the vulnerability. The microcode patches have been shown to significantly reduce the performance of some heavily vectorized workloads.

Patches to mitigate the effects of the vulnerability have also been created as part of the forthcoming version 6.5 release of the Linux kernel. They include code to disable the AVX extensions entirely on CPUs for which microcode mitigation is not available.
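The following shell script is an added example, not part of the original article or of any vendor tooling. It shows how an administrator can check which of the two mitigations described above (microcode, or the kernel's AVX-disabling fallback) is active on a Linux host. The sysfs path and status strings are those used by the upstream Linux kernel and do not appear in the article; the function names and verdict labels are made up for this example.

```shell
#!/bin/sh
# Added example: report the kernel's Gather Data Sampling (Downfall) state.
# The sysfs path and status strings come from upstream Linux, not this page.
GDS_SYSFS=/sys/devices/system/cpu/vulnerabilities/gather_data_sampling

# Map the kernel's status string to a short verdict.
gds_classify() {
    case "$1" in
        "Not affected")                      echo not-affected ;;
        "Mitigation: Microcode"*)            echo mitigated-microcode ;;
        "Mitigation: AVX disabled"*)         echo mitigated-avx-off ;;
        "Vulnerable: No microcode")          echo vulnerable-needs-microcode ;;
        "Vulnerable")                        echo vulnerable-mitigation-off ;;
        "Unknown: Dependent on hypervisor"*) echo unknown-hypervisor ;;
        *)                                   echo unrecognized ;;
    esac
}

# Read the status file ($1, default: live sysfs). A missing file means the
# running kernel does not carry the GDS patches at all.
gds_status() {
    file=${1:-$GDS_SYSFS}
    if [ -r "$file" ]; then gds_classify "$(cat "$file")"
    else echo no-kernel-support; fi
}

# True if the first "flags" line of cpuinfo ($1) lists plain AVX.
has_avx() {
    grep -m1 '^flags' "${1:-/proc/cpuinfo}" 2>/dev/null | grep -qw avx
}

# Return 0 when no action is needed, 1 when the host needs attention.
# $1 = status file, $2 = cpuinfo file (both optional, for offline testing).
gds_check() {
    verdict=$(gds_status "${1:-}")
    rc=1
    case "$verdict" in
        not-affected|mitigated-microcode) rc=0 ;;
        # Fallback mitigation: AVX must no longer be enumerated.
        mitigated-avx-off) has_avx "${2:-}" || rc=0 ;;
    esac
    echo "gather_data_sampling: $verdict"
    return $rc
}

# Check the live host only when invoked as: sh gds_check.sh run
if [ "${1:-}" = run ]; then gds_check; fi
```

A `vulnerable-needs-microcode` verdict means the kernel knows about the issue but the loaded microcode lacks the fix; inside a virtual machine the kernel may report `unknown-hypervisor`, because the mitigation state is controlled by the host.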

Vendor responses
• Amazon Web Services (AWS)

• Citrix

• Dell

• Debian

• Google Cloud Platform (GCP)

• HP Inc.

• Intel

• Lenovo

• Microsoft

• Qubes OS

• Red Hat

• Supermicro

• Ubuntu

• VMware

• Xen