
URL: https://www.xda-developers.com/cpu-vulnerabilities/
Submission: On August 29 via manual from US — Scanned from DE

EVERYTHING YOU NEED TO KNOW ABOUT CPU VULNERABILITIES LIKE ZENBLEED, DOWNFALL,
INCEPTION, AND MORE

By Adam Conway
Published 3 days ago


CPU vulnerabilities have been all the rage recently, with Zenbleed and Downfall
being two recent ones. But how worried should you be?



CPU vulnerabilities have been in and out of the news in recent years, and their
disclosures often come with a pretty scary message. In the case of Zenbleed and
Downfall, it was that, under the right circumstances, any application on your
computer could access the memory of any other running program. Sounds intense,
right?

However, it's not quite as bad as it seems. It's obviously significant enough to
warrant a disclosure and a software update to fix the errors, even at the cost
of performance, but what exactly is going on to cause these security issues?
Should you be worried?




SHOULD YOU BE WORRIED ABOUT CPU VULNERABILITIES LIKE ZENBLEED, DOWNFALL, AND
INCEPTION?



To be honest, neither of these exploits affects the vast majority of people.
While they can leak data from one program to another, any piece of malware on a
consumer's machine already has a great level of access that it can abuse.
Instead, where these attacks are particularly worrisome is in cloud computing
contexts.

To understand the problem, you need to understand that many cloud servers are
simply computers with a lot of horsepower, a large network bandwidth, and some
other specialized hardware if required. Many companies rent out what's called a
VPS, or virtual private server: a virtualized machine with limited power that
shares its host with dozens of other virtual machines running alongside it.

Where this can be a problem is that one person on one virtual machine could
exploit one of these vulnerabilities, gaining insight into what data is flowing
through the processor, including data from other virtual machines. This should
not be possible and is a major breach of security. That's why when Zenbleed was
disclosed, there were already patches for AMD's Epyc processors, which are aimed
at server usage.





MOST SEVERE CPU VULNERABILITIES CURRENTLY

The industry standard for "ranking" vulnerabilities by severity is the Common
Vulnerability Scoring System (CVSS). It provides a quantitative measure of
severity, with each aspect of the vulnerability contributing to the score. It
takes the following into account:

 * Attack vector: Network/Adjacent/Local/Physical
 * Attack complexity: Low/High
 * Privileges required: None/Low/High
 * User interaction: None/Required
 * Scope: Unchanged/Changed
 * Confidentiality: None/Low/High
 * Integrity: None/Low/High
 * Availability: None/Low/High

All of these classify the severity of a bug. For example, a vulnerability that
can be executed over a network with a low complexity, no privileges required, no
user interaction, with a changed scope, high data confidentiality leakage, high
data integrity violation, and high impact on availability will score a perfect
10 in CVSS 3.1, the highest score possible.

By that metric, we can assess the damage that Zenbleed and Downfall are capable
of. Spoiler: They score the same, though they affect different CPUs. The number
of products a vulnerability affects doesn't change its score, so two bugs with
the same score can have very different reach. CVSS scores are essentially a
triage tool and don't tell the full story.




ZENBLEED: 6.5 (MEDIUM)

 * Attack vector: Local
 * Attack complexity: Low
 * Privileges required: Low
 * User interaction: None
 * Scope: Changed
 * Confidentiality: High
 * Integrity: None
 * Availability: None

Explanation: The attack vector requires local access to the machine (as in, it
runs on the machine) while also having no impact on the integrity of the data on
the machine or its availability. However, it changes scope (meaning it impacts
resources beyond its privileges), and both the attack complexity and the
privileges required to execute are low. It also totally violates the
confidentiality of information on the machine.


DOWNFALL: 6.5 (MEDIUM)

 * Attack vector: Local
 * Attack complexity: Low
 * Privileges required: Low
 * User interaction: None
 * Scope: Changed
 * Confidentiality: High
 * Integrity: None
 * Availability: None

Explanation: The attack vector requires local access to the machine (as in, it
runs on the machine) while also having no impact on the integrity of the data on
the machine or its availability. However, it changes scope (meaning it impacts
resources beyond its privileges), and both the attack complexity and the
privileges required to execute are low. It also totally violates the
confidentiality of information on the machine.




INCEPTION: 5.6 (MEDIUM)

 * Attack vector: Local
 * Attack complexity: High
 * Privileges required: Low
 * User interaction: None
 * Scope: Changed
 * Confidentiality: High
 * Integrity: None
 * Availability: None

Explanation: The attack vector requires local access to the machine (as in, it
runs on the machine) while also having no impact on the integrity of the data on
the machine or its availability. However, it changes scope (meaning it impacts
resources beyond its privileges), the attack complexity is high, and the
privileges required to execute are low. It also totally violates the
confidentiality of information on the machine.


SPECTRE: 5.6 (MEDIUM) (PATCHED)

Spectre, despite being a more widespread phenomenon, actually scores lower than
Zenbleed and Downfall. That's because its attack complexity was rated "High,"
which dropped its score.

 * Attack vector: Local
 * Attack complexity: High
 * Privileges required: Low
 * User interaction: None
 * Scope: Changed
 * Confidentiality: High
 * Integrity: None
 * Availability: None



Explanation: The attack vector requires local access to the machine (as in, it
runs on the machine) while also having no impact on the integrity of the data on
the machine or its availability. However, it changes scope (meaning it impacts
resources beyond its privileges), the attack complexity is high, and the
privileges required to execute are low. It also totally violates the
confidentiality of information on the machine.


MELTDOWN: 5.6 (MEDIUM) (PATCHED)

Like Spectre, Meltdown scores lower than Zenbleed and Downfall, owing to the
greater attack complexity required.

 * Attack vector: Local
 * Attack complexity: High
 * Privileges required: Low
 * User interaction: None
 * Scope: Changed
 * Confidentiality: High
 * Integrity: None
 * Availability: None

Explanation: The attack vector requires local access to the machine (as in, it
runs on the machine) while also having no impact on the integrity of the data on
the machine or its availability. However, it changes scope (meaning it impacts
resources beyond its privileges), the attack complexity is high, and the
privileges required to execute are low. It also totally violates the
confidentiality of information on the machine.





THE BIGGEST CAUSE: BRANCH PREDICTION

Source: AMD

Branch prediction and speculative execution broadly refer to your processor
performing operations that are not needed at the moment but are expected to be
in subsequent cycles. It's often done when your system has free resources, since
it speeds up overall processing when instructions or data would otherwise not
yet be ready for the CPU. If the work done turns out not to be needed, it's
typically discarded, and the processor jumps back to where it needs to be in
order to execute the next correct instruction. When this happens, it is called a
branch misprediction.

For a more in-depth understanding of branch predictors, imagine a scenario where
a program consistently adds the same two numbers in its execution. At some
stage, the processor may recognize this pattern and prepare the next steps
should the method where those two numbers are added be called again. If that
outcome changes at some point, even though the processor had planned for the
same two numbers, the guess will be thrown out and replaced by the actual
execution flow. However, for as long as those numbers stay the same, the
processor can skip through those instructions quickly.



There are many problems when it comes to speculative execution, though, and
vulnerabilities like Spectre, Zenbleed, Downfall, and more are a result. It's a
powerful feature to which we owe a lot of modern-day CPU performance, but it's a
major target when researchers look for vulnerabilities in CPUs.




MITIGATION: A PERFORMANCE INHIBITOR

Mitigating these vulnerabilities is of utmost importance, but the problem is
that these mitigations are often taxing on performance. In the case of AMD's
most recent Zenbleed, the mitigation could see massive performance overheads.



The reason for this is that the only real way around it is to disable or change
the behavior of the branch predictor in the affected processor. The same
performance hit can be found in the mitigations for Intel's Downfall, with early
reports suggesting performance impacts of up to 39%. Epic Games famously shared
CPU utilization graphs after the Meltdown vulnerability was disclosed, showing
how much of an impact those mitigations had on the company's CPU usage. There
was a major uptick in CPU usage, as one would expect. Where things get scary is
the fix for AMD's Inception, with which performance was found to drop by up to
54%.


Because vulnerabilities like this affect features fundamental to the processor,
it's hard to really fix them aside from disabling or severely maiming core
features. Speculative execution is incredibly important, and these mitigations
will be felt by many people. Gaming performance is less predictable, so if your
PC's primary usage is gaming, you might be alright as your computer can't make
as many predictions, but these problems scale up in much bigger systems.




ARE FUTURE PROCESSORS AFFECTED?

Thankfully, in the case of both Intel Downfall and Zenbleed, these exploits
affect older processors. Newer processors from both companies are safe, and
there's nothing to worry about for now. A significant redesign is usually what
ends up fixing these problems. For example, Spectre affected Intel's eighth and
ninth-generation CPUs, but the ninth generation incorporated a hardware version
of the software fixes that were implemented, complete with the performance hit.
Intel's 10th generation was still safe but also no longer had a performance
impact from those mitigation measures.



As a result, given that both Downfall and Zenbleed were already fixed in the
most recent versions of their respective processors, users don't have much to
worry about. Of course, there can always be more vulnerabilities discovered, but
at this point in time, you're safe.


About The Author
Adam Conway (1385 Articles Published)


I’m Adam Conway, an Irish technology fanatic with a BSc in Computer Science and
I'm XDA’s Lead Technical Editor. My Bachelor’s thesis was conducted on the
viability of benchmarking the non-functional elements of Android apps and
smartphones such as performance, and I’ve been working in the tech industry in
some way or another since 2017.

In my spare time, you’ll probably find me playing Counter-Strike or VALORANT,
and you can reach out to me at adam@xda-developers.com, on Twitter as
@AdamConwayIE, on Instagram as adamc.99, or u/AdamConwayIE on Reddit.

