Intel disclosed a security vulnerability called "Downfall" with tracking number "CVE-2022-40982" in August this year. The vulnerability, which utilizes "Gather Data Sampling" to steal other users' data and sensitive information from computers, affects a number of Core processors, spanning the 6th generation of Skylake to the 11th generation of Rocket Lake and Tiger Lake.
According to media reports, a number of Intel processor buyers have filed a lawsuit stating that Intel actually knew about the AVX side-channel vulnerability as early as 2018, but didn't tend to fix the problem in the architecture until it discovered the "Downfall" security vulnerability, which exposed millions of users to security threats. Intel has since released an updated microcode to fix the "Downfall" security vulnerability, but there is a possibility of performance loss, which can be quite significant, up to 50%.
In the lawsuit filed, it is mentioned that Intel had already received reports from third-party researchers in 2018 when it was dealing with the Spectre and Meltdown vulnerabilities, which warned about issues related to the AVX side-channel vulnerability. Although Intel was on top of the situation five years ago, it was never heeded. Rumor has it that Intel implemented a "secret buffer" related to the AVX instruction set to temporarily curb the threat of the vulnerability, but instead of solving the problem, it exacerbated it, leading to the theft of data and sensitive information.
These are serious allegations, judging by the content of the lawsuit, but Intel has not yet responded to them.