https://www.neowin.net/news/gds-microsoft-intel-confirm-downfall-of-7th-8th-9th-10th-11th-gen-cpus-firmware-out/?fbclid=IwAR1pwmpyZ_-qtIDc7Z-aTa_wYtQhrk5-w92ITL3xpk2V9ia2jD5H7ZuryLQ

Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs.

Related for AMD: *Zenbleed: new hardware vulnerability in AMD CPUs* https://www.kaspersky.com/blog/zenbleed-vulnerability/48836/

Gather Data Sampling (GDS) is a transient execution side channel vulnerability affecting certain Intel processors. In some situations when a gather instruction performs certain loads from memory, it may be possible for a malicious attacker to use this type of instruction to infer stale data from previously used vector registers. Similar to data sampling transient execution attacks like Microarchitectural Data Sampling (MDS), GDS may allow a malicious actor who can locally execute code on a system to infer the values of secret data which is otherwise protected by architectural mechanisms. GDS differs from the MDS vulnerabilities in both the method of exposure (which is limited to the set of gather instructions), and in the data exposed (stale vector register data only). Neither MDS nor GDS, by themselves, provide malicious actors the ability to choose which data is inferred using these methods.
GDS is assigned CVE-2022-40982 CVSS Base Score 6.5 Medium CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N.
Intel is providing a microcode update to mitigate GDS. No software changes are required to enable the mitigation. System administrators, application developers, and users should carefully consider the threat model applicable to their systems when deciding whether and where to mitigate GDS. Based on the environmental threat model, users may disable the GDS mitigation with options provided by operating system vendors (OSVs).
Intel is not aware of any instance of any of this vulnerability being exploited outside a controlled lab environment.
Malicious software may be able to infer data previously stored in vector registers used by either the same thread, or the sibling thread on the same physical core. These registers may have been used by other security domains such as other virtual machine (VM) guests, the operating system (OS) kernel, or Intel® Software Guard Extensions (Intel® SGX) enclaves. Note that no processors that support Intel® Trust Domain Extension (Intel® TDX) are affected by GDS.
Mitigation
Intel is releasing a microcode update which blocks transient results of gather instructions to prevent attacker code from observing speculative results of gather loads. The mitigation is enabled by default when the patch is loaded, and cross-thread exposure is mitigated even with hyperthreading enabled. The microcode update provides an MSR interface that allows software to opt-out of the mitigation.
On processors affected by GDS, if Intel SGX is enabled and hyperthreading is disabled, loading the updated microcode will mitigate any potential direct attacks using GDS against Intel SGX enclaves. If Intel SGX is not enabled or if hyperthreading is enabled, the mitigation will not be locked, and system software can choose to enable or disable the GDS mitigation. There will be an Intel SGX TCB Recovery for those Intel SGX-capable affected processors.
No processors that support Intel TDX are affected by GDS.
Refer to the 2022-2023 tab of the consolidated Affected Processors table: Gather Data Sampling column.
Affected Processors: Guidance for Security Issues on Intel® Processors
This table shows the impact of transient execution attacks (formerly speculative execution side channel methods) and select security issues on currently supported Intel products, disclosed in 2018-2021, including recommended mitigation where affected.
https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html

AMD’s fTPM issues are well-known in the industry, often causing system crashes and freezing. Linux’s creator Linus Torvalds has expressed his disappointment towards the feature, labeling it a “plague” for the kernel.

AMD’s fTPM Issues Have A Long History, Emerging With The Release of Windows 11

For a quick recap, Trusted Platform Module or TPM is a security check which has been made a necessity to be enabled for the latest version of Windows 11. While the intention behind this move is for the consumer’s benefit, the feature brought several problems. The main problems that fTPM brought were random stuttering and lagging. Moreover, several users also experienced jittering and disruptions while gaming. While the problem did occur in the Intel platform, most of the issues were on AMD, which still persist today.

Intel has released a patch to plug a gaping hole in the security of older CPUs—specifically, those made from 2015 to 2019, aka Skylake to Tiger Lake. The vulnerability allowed a person sharing a computer with another person to steal “high-value credentials” such as passwords and encryption keys. Though most of us don’t usually share a computer with another person, it’s a standard scenario in cloud computing, with many clients accessing the same hardware simultaneously. Unfortunately, Intel’s fix comes with a performance penalty.

The vulnerability affecting billions of Intel CPUs was discovered by Daniel Moghimi, who is a Senior Research Scientist at Google. According to the site Mr. Moghimi made for the bug, the vulnerability essentially allows sensitive data to move between two users sharing the same physical CPU cores, a common scenario in a cloud computing environment. It’s due to a memory optimization feature in older Intel CPUs whereby internal hardware registers are inadvertently exposed to software, allowing a malicious actor to steal sensitive information from whoever is sharing the computer’s resources. Intel states in its security bulletin that it’s not aware of this attack being used outside of a “controlled lab environment.”