To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

How to transfigure the Wikipedia

Would you like Wikipedia to always look as professional and up-to-date? We have created a browser extension. It will enhance any encyclopedic page you visit with the magic of the WIKI 2 technology.

Try it — you can delete it anytime.

Install in 5 seconds
4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
Great Wikipedia has got greater.
.
Leo
Newton
Brights
Milds

Downfall (security vulnerability)

From Wikipedia, the free encyclopedia

See also: Transient execution CPU vulnerability
Downfall
CVE identifier(s)CVE-2022-40982
Affected hardware6-11th gen Intel Core CPUs
Websitehttps://downfall.page/

Downfall, known as Gather Data Sampling (GDS) by Intel,[1] is a computer security vulnerability found in 6th through 11th generations of consumer and 1st through 4th generations of Xeon Intel x86-64 microprocessors.[2] It is a transient execution CPU vulnerability which relies on speculative execution of Advanced Vector Extensions (AVX) instructions to reveal the content of vector registers.[3][4]

Vulnerability

Intel's Software Guard Extensions (SGX) security subsystem is also affected by this bug.[4]

The Downfall vulnerability was discovered by the security researcher Daniel Moghimi, who publicly released information about the vulnerability in August 2023, after a year-long embargo period.[5][6]

Intel promised microcode updates to resolve the vulnerability.[1] The microcode patches have been shown to significantly reduce the performance of some heavily-vectorized loads.[7]

Patches to mitigate the effects of the vulnerability have also been created as part of the forthcoming version 6.5 release of the Linux kernel.[8] They include code to disable the AVX extensions entirely on CPUs for which microcode mitigation is not available.[9]

Vendor responses

References

  1. ^ a b "Gather Data Sampling / CVE-2022-40982 / INTEL-SA-00828". Intel. Retrieved 2023-08-08.
  2. ^ "Affected Processors: Transient Execution Attacks & Related Security..." Intel. Retrieved 2023-08-16.
  3. ^ Newman, Lily Hay. "New 'Downfall' Flaw Exposes Valuable Data in Generations of Intel Chips". Wired. ISSN 1059-1028. Retrieved 2023-08-08.
  4. ^ a b Ilascu, Ionut (2023-08-08). "New Downfall attacks on Intel CPUs steal encryption keys, data". BleepingComputer. Retrieved 2023-08-08.
  5. ^ Wright, Rob (2023-08-08). "Google unveils 'Downfall' attacks, vulnerability in Intel chips". Security. Retrieved 2023-08-08.
  6. ^ Larabel, Michael (2023-08-08). "Intel DOWNFALL: New Vulnerability Affecting AVX2/AVX-512 With Big Performance Implications". www.phoronix.com. Retrieved 2023-08-08.
  7. ^ Liu, Zhiye (2023-08-10). "Intel's Downfall Mitigations Drop Performance Up to 39%, Tests Show". Tom's Hardware. Retrieved 2023-08-11.
  8. ^ Larabel, Michael (2023-08-08). "Linux 6.5 Patches Merged For Intel GDS/DOWNFALL, AMD INCEPTION". www.phoronix.com. Retrieved 2023-08-09.
  9. ^ Corbet, Jonathan (August 8, 2023). "Another round of speculative-execution vulnerabilities". lwn.net. Retrieved 2023-08-11.
  10. ^ "CVE-2022-40982 - Gather Data Sampling - Downfall". Amazon Web Services, Inc. 2023-08-08.
  11. ^ "Citrix Hypervisor Security Bulletin for CVE-2023-20569, CVE-2023-34319 and CVE-2022-40982". support.citrix.com.
  12. ^ "DSA-2023-180: Security Update for Intel Product Update 2023.3 Advisories | Dell US". www.dell.com.
  13. ^ "CVE-2022-40982". security-tracker.debian.org.
  14. ^ "Security Bulletins | Customer Care". Google Cloud.
  15. ^ "Intel 2023.3 IPU – BIOS August 2023 Security Updates | HP® Customer Support".
  16. ^ "INTEL-SA-00828". Intel. 2023-08-08.
  17. ^ "Multi-vendor BIOS Security Vulnerabilities (August 2023) - Lenovo Support US". support.lenovo.com.
  18. ^ "KB5029778: How to manage the vulnerability associated with CVE-2022-40982 - Microsoft Support". support.microsoft.com. Retrieved 2023-09-06.
  19. ^ "QSB-093: Transient execution vulnerabilities in AMD and Intel CPUs (CVE-2023-20569/XSA-434, CVE-2022-40982/XSA-435)". Qubes OS Forum. August 9, 2023.
  20. ^ "cve-details". access.redhat.com.
  21. ^ "Intel Platform Update (IPU) Update 2023.3, August 2023 | Supermicro". www.supermicro.com.
  22. ^ "CVE-2022-40982". Ubuntu.
  23. ^ https://blogs.vmware.com/security/2023/08/cve-2022-40982.html
  24. ^ "oss-sec: Xen Security Advisory 435 v1 (CVE-2022-40982) - x86/Intel: Gather Data Sampling". seclists.org.

External links

This page was last edited on 18 January 2024, at 06:55
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.
Contact WIKI 2
Introduction
Terms of Service
Privacy Policy