Bugs emerged earlier this month in Intel and AMD processors that affect both client and server processors over multiple generations. Fortunately, the bugs were found some time ago and researchers kept it quiet while fixes were developed.
Google researchers found the Intel bug known as Downfall (CVE-2022-40982) and reported it to Intel more than a year ago, so both parties had plenty of time to work things out. The Downfall bug exploits a flaw in the “Gather” instruction that affected Intel CPUs use to grab information from multiple places in a system’s memory. A Google researcher created a proof-of-concept exploit that could steal encryption keys and other kinds of data from other users on a given server.
To read this article in full, please click here
Source:: Network World – Data Center