Posted on 22.8.2023

New Intel CPU vulnerability GDS/Downfall

On August 8, 2023, Intel published a new security vulnerability that exploits Gather Data Sampling (GDS). Named Downfall by its discoverer, it impacts multiple generations of Intel processors used in both personal and cloud computers. Downfall is a transient execution side-channel vulnerability that targets a critical weakness found in many modern Intel processor models.

Following the publication of the new vulnerability affecting a subsection of our cloud infrastructure, we began to evaluate and implement the microcode update to mitigate the vulnerability.

No actions are required from customers.


This vulnerability, identified as CVE-2022-40982 with a CVSS Base Score of 6.5 Medium, allows malicious software to possibly infer data previously stored in vector registers used by either the same thread or the sibling thread on the same physical CPU core. In cloud infrastructure, an exploiter could use the Downfall vulnerability to steal data and credentials from other customers who share the same compute host.

Similar to data sampling transient execution attacks like Microarchitectural Data Sampling (MDS), the Downfall vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software.

These registers may have been used by other security domains such as other Cloud Servers, the operating system kernel, or Intel Software Guard Extensions (Intel SGX) enclaves. This allows untrusted software to access data stored by other programs, which should not normally be accessible.


Downfall defeats fundamental security boundaries in most Intel-based systems and is effectively a successor to previous data-leaking vulnerabilities in Intel CPUs including Meltdown and Fallout (AKA MDS). Mitigations applied to the previous vulnerabilities are ineffective against Downfall.

Accompanied by the release, Intel has provided a microcode update to mitigate GDS, and no software changes are required to enable the mitigation. We have applied the updates across our cloud infrastructure without interruptions or action required from our customers.

Intel has acknowledged that their microcode mitigation for Downfall has the potential to impact performance where gather instructions are used in performance-critical applications. Performance impact might be most visible in certain single-thread/CPU tasks that explicitly use the AVX512 instructions – mostly with cryptographic operations like video encoding/transcoding. Intel has not relayed any estimated performance impact claims from this mitigation.

As always, we highly recommend all our users keep their Cloud Servers up to date on security updates provided by your operating system vendor.

Should you have any questions or concerns, please don’t hesitate to contact our support team.

Janne Ruostemaa


Information regarding Foreshadow, the Intel L1 Terminal Fault vulnerability

Intel recently shared information about a newly identified vulnerability in their processors. It concerns a speculative execution side-channel method that Intel calls L1 Terminal Fault or L1TF for short. The vulnerability was discovered by two independent groups of researchers who have titled it Foreshadow. L1TF aka Foreshadow The Foreshadow vulnerability (CVE-2018-3615) is an exploit on the speculative execution […]


The discovery and mitigation of AMD Zen CPU vulnerability aka Zenbleed

Yesterday, on the 24th of July 2023, Google Project Zero published their findings of a new flaw in AMD’s Zen 2 processors. The vulnerability titled ‘Zenbleed’ affects the entire Zen 2 product stack, from AMD’s EPYC data center processors to the Ryzen 3000 CPUs. It can be exploited to steal sensitive data stored in the […]


Bigger Is Not Necessary Better: AWS vs. UpCloud

One of the most common questions our customers ask us is that how we can compete with the likes of Amazon Web Services (AWS) on price as they have economies of scale on their side.


Back to top