Intel Arc Alchemist video cards were launched by Team Blu last year. Right from the launch, it looks like Intel’s next generation GPUs are victim of a rather serious vulnerabilityknown as Intel-SA-00812, which was only revealed in the past few hours by the Santa Clara giant and which could be unsolvable.
Specifically, the Intel-SA-00812 vulnerability would affect Intel Arc A770 and A750 GPUs for desktop, two of the best-selling Intel Arc video cards in the world, especially between the American and European markets. The vulnerability has a severity level”half”but can still be exploited for attacks denial-of-service and to obtain confidential information of other users.
Also in the last few days, moreover, Intel had disclosed the Downfall vulnerability related to its CPUs, which was discovered even a year ago and which would concern multiple generations of Team Blu processors, also causing heavy performance problems for the components. According to reports from Tom’s Hardware, the CPU-side flaw could be much more problematic than the one for graphics cards.
In fact, the Intel-SA-00812 vulnerability appears to be for only Intel Arc GPUs sold between October and December 2022, and that it has been solved with a small revision on the components produced and sold from January 2023 onwards. The security problem connected to the vulnerability would be twofold, with two flaws respectively called CVE-2022-41984 e CVE-2022-38973.
The first, in particular, would cause the malfunction of the security systems of the Intel Arc A770 and A750thus allowing attacks denial-of-service starting with the GPUs. The second, on the other hand, would seem to provide elevated access permissions to anyone who exploits the flaw, thus allowing otherwise confidential information to be found.
Fortunately, it appears that both problems have not been exploited by the bad guys of the web: the vulnerabilities, on the other hand, would be extremely circumscribed and limited to a negligible number of Arc Alchemist GPUs. Furthermore, they can only be exploited with local access to the video cards. Nonetheless, Intel has asked all users who purchased an Arc Alchemist GPU between October and December 2022 to contact customer support of your country or region to resolve any component-related issues.