CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
10.3%
Intel have disclosed RFDS, Register File Data Sampling, affecting some Atom cores.
This came from internal validation work. There is no information provided about how an attacker might go about inferring data from the register files.
For more details, see: <a href=โhttps://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.htmlโ>https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.html</a>
An attacker might be able to infer the contents of data held previously in floating point, vector and/or integer register files on the same logical processor, including data from a more privileged context.
Note: None of the vulnerable processors support HyperThreading, so there is no instantaneous exposure of data from other threads.
Systems running all versions of Xen are affected.
RFDS is only known to affect certain Atom processors from Intel. Other Intel CPUs, and CPUs from other hardware vendors are not known to be affected.
RFDS affects Atom processors between the Goldmont and Gracemont microarchitectures. This includes Alder Lake and Raptor Lake hybrid client systems which have a mix of Gracemont and other types of cores.