CVE-2022-40982: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-40982, also known as Gather Data Sampling (GDS) or "Downfall", is a hardware vulnerability discovered by Daniel Moghimi that affects Intel processors. The vulnerability allows an authenticated user to access and steal data from other users who share the same computer through microarchitectural state after transient execution in certain vector execution units (Downfall, Intel Advisory).

The vulnerability is caused by the AVX GATHER instructions that can forward the content of stale vector registers to dependent instructions during speculative execution. The physical register file is competitively shared between sibling threads, allowing an attacker to infer data from the sibling thread or from a more privileged context. The vulnerability has been assigned a CVSS v3.1 Base Score of 6.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (NVD).

Successful exploitation could allow attackers to steal sensitive information like passwords, encryption keys, and private data including banking details, personal emails, and messages. In cloud computing environments, malicious customers could exploit the vulnerability to steal data and credentials from other customers sharing the same cloud computer. The vulnerability affects most Intel Core processors from the 6th Skylake to the 11th Tiger Lake generation (Downfall).

Intel has released microcode updates to address the vulnerability. The mitigation blocks transient results of gather instructions and prevents attacker code from observing speculative data from Gather. While disabling AVX is possible as a workaround, it comes with significant performance impact and is not recommended for systems that can deploy the microcode update. According to Intel, some workloads may experience up to 50% overhead with the mitigation enabled (Xen Advisory, Downfall).

The vulnerability has received significant attention from the cybersecurity community and cloud service providers. AWS announced that their customers' data and instances are not affected as they have designed and implemented infrastructure protections against this class of issues. Various Linux distributions and system vendors have released patches and updates to address the vulnerability (AWS Bulletin).