Intel Patch Release for August 2023
On Tuesday, August 8, Intel published 46 security advisories alerting customers to roughly 80 vulnerabilities in its software and firmware. Eighteen of the flaws are high-severity vulnerabilities that could be exploited to attain privilege elevation or cause denial-of-service (DoS) conditions. Among the vulnerabilities addressed is a side-channel attack nicknamed Downfall.
Downfall is another case of the CPU predictively using cached data (Gather) to speed processing, not unlike Spectre/Meltdown. Downfall affects as many as seven generations of Intel CPU/chipsets. The micro patch that addresses the vulnerability can cause as much as a 50% slowdown; you are going to want to regression test fully before deploying.
Read more in
Security Week: Intel Addresses 80 Firmware, Software Vulnerabilities