Downfall vulnerability#
The downfall vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. It is found in most Intel CPUs starting from the 6th generation (Skylake) up to the 11th generation (Tiger Lake) included. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages.
This vulnerability has been reported to Intel in August 2022, but there was an embargo preventing public notification until recently.
If you plan to use critical, private or sensitive data on SCITAS clusters, we recommend you to request exclusives nodes when running a job.
To achieve this, you need to add the following line into your submission scripts:
Alternatively, you can indicate the option while launching the job:Important
Opting for a node in exclusive mode means charging for all 72 cores, regardless of their actual use.
The SCITAS team is actively working to apply all the available and fitable mitigations. Certain updates may necessitate the restart of our front-end servers. Should such a situation arise, we will ensure to provide you with timely notifications regarding the scheduled maintenance windows. We apologize for any inconvenience and appreciate your understanding.