The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability CVE-2018-3620

Intel processors: information disclosure via Foreshadow L1TF OS/SMM

Summary of the vulnerability

An attacker can bypass access restrictions to data via L1TF OS/SMM on Intel processors, in order to obtain sensitive information.
Severity of this computer vulnerability: 2/4.
Creation date: 16/08/2018.
References for this announcement: 525211, 528031, ADV180018, CERTFR-2018-AVI-385, CERTFR-2018-AVI-386, CERTFR-2018-AVI-387, CERTFR-2018-AVI-388, CERTFR-2018-AVI-390, CERTFR-2018-AVI-391, CERTFR-2018-AVI-392, CERTFR-2018-AVI-416, CERTFR-2018-AVI-419, CERTFR-2018-AVI-426, CERTFR-2018-AVI-557, CERTFR-2018-AVI-584, CERTFR-2019-AVI-169, CERTFR-2019-AVI-242, CERTFR-2019-AVI-489, cisco-sa-20180814-cpusidechannel, cpuapr2019, CTX236548, CVE-2018-3620, DLA-1481-1, DLA-1506-1, DLA-1529-1, DSA-2018-170, DSA-2018-217, DSA-2019-030, DSA-4274-1, DSA-4279-1, DSA-4279-2, FEDORA-2018-1c80fea1cd, FEDORA-2018-f8cba144ae, FG-IR-18-002, Foreshadow, FreeBSD-SA-18:09.l1tf, HPESBHF03874, ibm10742755, INTEL-SA-00161, JSA10917, JSA10937, K95275140, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2388-01, RHSA-2018:2389-01, RHSA-2018:2390-01, RHSA-2018:2391-01, RHSA-2018:2392-01, RHSA-2018:2393-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2602-01, RHSA-2018:2603-01, SSA:2018-240-01, SSA-254686, SSA-608355, STORM-2018-005, SUSE-SU-2018:2328-1, SUSE-SU-2018:2332-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2362-1, SUSE-SU-2018:2366-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2384-1, SUSE-SU-2018:2596-1, SUSE-SU-2018:2637-1, Synology-SA-18:45, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3823-1, VIGILANCE-VUL-26998, VMSA-2018-0021, VU#982149, XSA-273, XSA-289.

Description of the vulnerability

L1 Terminal Fault (L1TF, also known as Foreshadow) is a speculative-execution side channel in Intel processors. When a page-table entry is marked not-present, the processor still speculatively forwards data from the L1 data cache for the physical address encoded in that entry, so a local attacker who can cause such an entry to exist (for example through a swapped-out or PROT_NONE mapping) can read whatever is cached in L1D at that physical address. The OS/SMM variant tracked as CVE-2018-3620 covers reads of operating-system and System Management Mode memory by an unprivileged process, in order to obtain sensitive information. The kernel-side mitigation (PTE inversion, which makes non-present entries point at an unusable physical address) closes this variant without new microcode; the hypervisor variant of L1TF is a separate issue covered by its own bulletin.

This security announcement impacts software or systems such as SNS, Arkoon FAST360, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, XenServer, Debian, Avamar, NetWorker, Unisphere EMC, BIG-IP Hardware, TMOS, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, HP ProLiant, QRadar SIEM, Juniper EX-Series, Juniper J-Series, Junos OS, Junos Space, SRX-Series, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, OpenBSD, openSUSE Leap, Oracle Communications, pfSense, RHEL, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, vCenter Server, Xen.

Our Vigil@nce team determined that the severity of this threat is medium.

Trust level: confirmed by the vendor. Attack origin: user shell (a local, unprivileged account on the affected system).

An attacker with expert skills can exploit this vulnerability.

Solutions for this threat

Linux kernel: version 4.18.1.
The version 4.18.1 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.17.15.
The version 4.17.15 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.14.63.
The version 4.14.63 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.9.120.
The version 4.9.120 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Cisco: solution for Foreshadow L1TF.
The solution is indicated in information sources.

Citrix XenServer: patch.
A patch is indicated in information sources.

Debian 8: new intel-microcode packages (17/09/2018).
New packages are available:
  Debian 8: intel-microcode 3.20180807a.1~deb8u1

Debian 8: new linux-4.9 packages.
New packages are available:
  Debian 8: linux-4.9 4.9.110-3+deb9u4~deb8u1

Debian 8: new linux packages (05/10/2018).
New packages are available:
  Debian 8: linux 3.16.59-1

Debian 9: new linux packages.
New packages are available:
  Debian 9: linux 4.9.110-3+deb9u4

Debian 9: new xen packages.
New packages are available:
  Debian 9: xen 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10

Dell EMC Avamar: solution for Processors.
The solution is indicated in information sources.

Dell EMC Unisphere: solution for L1TF.
The solution is indicated in information sources.

EMC Networker vProxy: solution for Multiprocessor Side-Channel Vulnerabilities.
The solution is indicated in information sources.

F5 BIG-IP: solution for Foreshadow L1TF OS/SMM.
The solution is indicated in information sources.

Fedora: new kernel-headers packages.
New packages are available:
  Fedora 27: kernel-headers 4.17.14-3.fc27
  Fedora 28: kernel-headers 4.17.14-3.fc28

Fortinet: solution for Meltdown/Spectre.
Fixed versions are indicated in information sources.

FreeBSD: patch for L1TF.
A patch is available:
  https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.2.patch
  https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.1.patch

HPE ProLiant: solution for L1TF.
The solution is indicated in information sources.

IBM QRadar SIEM: patch for Linux.
A patch is indicated in information sources.

Junos OS: fixed versions for FreeBSD.
Fixed versions are indicated in information sources.

Junos Space: version 18.4R1.
The version 18.4R1 is fixed.

OpenBSD: patch for L1TF.
A patch is indicated in information sources.

openSUSE Leap 15.0: new kernel packages.
New packages are available:
  openSUSE Leap 15.0: kernel 4.12.14-lp150.12.16.1

openSUSE Leap 42.3: new kernel packages (17/08/2018).
New packages are available:
  openSUSE Leap 42.3: kernel 4.4.143-65.1

Oracle Communications: CPU of April 2019.
A Critical Patch Update is available:
  https://support.oracle.com/rs?type=doc&id=2518758.1
  https://support.oracle.com/rs?type=doc&id=2518763.1
  https://support.oracle.com/rs?type=doc&id=2522151.1
  https://support.oracle.com/rs?type=doc&id=2519787.1
  https://support.oracle.com/rs?type=doc&id=2522126.1
  https://support.oracle.com/rs?type=doc&id=2522123.1
  https://support.oracle.com/rs?type=doc&id=2518753.1
  https://support.oracle.com/rs?type=doc&id=2522121.1
  https://support.oracle.com/rs?type=doc&id=2528862.1
  https://support.oracle.com/rs?type=doc&id=2518754.1

pfSense: version 2.4.4.
The version 2.4.4 is fixed:
  https://www.netgate.com/

RHEL 5.9: new kernel packages.
New packages are available:
  RHEL 5: kernel 2.6.18-348.41.1.el5

RHEL 5: new kernel packages.
New packages are available:
  RHEL 5: kernel 2.6.18-434.el5

RHEL 6.4: new kernel packages (16/08/2018).
New packages are available:
  RHEL 6: kernel 2.6.32-358.91.4.el6

RHEL 6.5: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-431.91.3.el6

RHEL 6.6: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-504.72.4.el6

RHEL 6.7: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-573.60.4.el6

RHEL 6: new kernel packages (16/08/2018).
New packages are available:
  RHEL 6: kernel 2.6.32-754.3.5.el6

RHEL 6: new kernel-rt packages (16/08/2018).
New packages are available:
  RHEL 6: kernel-rt 3.10.0-693.37.4.rt56.629.el6rt

RHEL 7.2: new kernel packages.
New packages are available:
  RHEL 7: kernel 3.10.0-327.71.4.el7

RHEL 7.3: new kernel packages.
New packages are available:
  RHEL 7: kernel 3.10.0-514.55.4.el7

RHEL 7.4: new kernel packages (16/08/2018).
New packages are available:
  RHEL 7: kernel 3.10.0-693.37.4.el7

RHEL 7: new kernel packages (16/08/2018).
New packages are available:
  RHEL 7: kernel 3.10.0-862.11.6.el7

RHEL 7: new kernel-rt packages (16/08/2018).
New packages are available:
  RHEL 7: kernel-rt 3.10.0-862.11.6.rt56.819.el7

SIMATIC: solution for L1TF.
The solution is indicated in information sources.

SIMATIC WinAC RTX F 2010: workaround for Processor.
A workaround is indicated in the information source.

Slackware 14.2: new kernel packages.
New packages are available:
  Slackware 14.2: kernel 4.4.153-i586-1

Stormshield: solution for L1TF.
The solution is indicated in information sources.

SUSE LE 11 SP3: new kernel packages.
New packages are available:
  SUSE LE 11 SP3: kernel 3.0.101-0.47.106.43.1

SUSE LE 11 SP4: new kernel packages.
New packages are available:
  SUSE LE 11 SP4: kernel 3.0.101-108.68.1

SUSE LE 11 SP4: new kernel-rt packages.
New packages are available:
  SUSE LE 11 SP4: kernel-rt 3.0.101.rt130-69.33.1

SUSE LE 12 RTM: new kernel packages.
New packages are available:
  SUSE LE 12 RTM: kernel 3.12.61-52.141.1

SUSE LE 12 SP1: new kernel packages.
New packages are available:
  SUSE LE 12 SP1: kernel 3.12.74-60.64.99.1

SUSE LE 12 SP2: new kernel packages.
New packages are available:
  SUSE LE 12 SP2: kernel 4.4.121-92.92.1

SUSE LE 12 SP3: new kernel packages 4.4.143-4.
New packages are available:
  SUSE LE 12 SP3: kernel 4.4.143-4.13.1

SUSE LE 12 SP3: new kernel packages 4.4.143-94.
New packages are available:
  SUSE LE 12 SP3: kernel 4.4.143-94.47.1

SUSE LE 12 SP3: new kernel-rt packages.
New packages are available:
  SUSE LE 12 SP3: kernel-rt 4.4.147-3.20.1

SUSE LE 15: new kernel packages.
New packages are available:
  SUSE LE 15 RTM: kernel 4.12.14-25.13.1

Synology DSM: solution for L1TF.
The solution is indicated in information sources.

Ubuntu 12.04: new linux-image-3.2.0-137-generic packages.
New packages are available:
  Ubuntu 12.04 ESM: linux-image-3.2.0-137-generic 3.2.0-137.183

Ubuntu: new linux-image-3.13.0 packages.
New packages are available:
  Ubuntu 14.04 LTS: linux-image-generic 3.13.0.155.165
  Ubuntu 12.04 ESM: linux-image-generic-lts-trusty 3.13.0.156.146

Ubuntu: new linux-image-4.15.0 packages.
New packages are available:
  Ubuntu 18.04 LTS: linux-image-generic 4.15.0.32.34

Ubuntu: new linux-image-4.4.0 packages.
New packages are available:
  Ubuntu 16.04 LTS: linux-image-generic 4.4.0.133.139
  Ubuntu 14.04 LTS: linux-image-generic 3.13.0.156.166

VMware vCenter Server Appliance: solution for L1TF.
The solution is indicated in information sources.

Windows: solution for L1TF.
The solution is indicated in information sources.

Wind River Linux: solution (21/05/2019).
The solution is indicated in information sources.

Wind River Linux: solution (28/11/2018).
The solution is indicated in information sources.

Xen: solution for L1TF.
The solution is indicated in information sources.
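The following script is an added example and is not part of the Vigil@nce bulletin or of any vendor's tooling. It shows the two checks an administrator would run on a Linux host for this vulnerability: reading the kernel's own L1TF report from /sys/devices/system/cpu/vulnerabilities/l1tf (present on kernels that carry the L1TF patches), and comparing an upstream kernel version against the four fixed upstream releases listed above (4.18.1, 4.17.15, 4.14.63, 4.9.120). The function names and the classification words (not-affected, mitigated, vulnerable, unknown, yes, no) are this example's own choices.

```sh
#!/bin/sh
# Added example: check the kernel-side L1TF (CVE-2018-3620) mitigation on a
# Linux host. Not part of the Vigil@nce bulletin. Function names and the
# result words are this example's own conventions.

# Classify one line in the format of the sysfs l1tf file.
# Output: not-affected | mitigated | vulnerable | unknown
l1tf_classify() {
    case "$1" in
        "Not affected")  echo not-affected ;;
        Mitigation:*)    echo mitigated ;;
        Vulnerable*)     echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Read the sysfs file at $1 and classify it. A missing file means the
# kernel predates L1TF reporting and must not be assumed mitigated.
l1tf_from_file() {
    if [ -r "$1" ]; then
        l1tf_classify "$(cat "$1")"
    else
        echo unknown
    fi
}

# Is upstream kernel version $1 (as printed by uname -r) at or after the
# bulletin's fixed release for its stable branch?
# Output: yes | no | unknown (branch not in the bulletin's upstream list)
kernel_fixed() {
    v=${1%%-*}          # drop "-generic", "-1-amd64" and similar suffixes
    v=${v%%+*}          # drop "+" local-version suffixes
    oldifs=$IFS; IFS=.; set -- $v; IFS=$oldifs
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    pat=${pat%%[!0-9]*}; pat=${pat:-0}   # keep only the leading digits
    case "$maj.$min" in
        4.18) fix=1 ;;
        4.17) fix=15 ;;
        4.14) fix=63 ;;
        4.9)  fix=120 ;;
        *)    echo unknown; return 0 ;;
    esac
    if [ "$pat" -ge "$fix" ]; then echo yes; else echo no; fi
}

# Stand-alone use: report on the running host when the sysfs file exists.
SYSFS_L1TF=/sys/devices/system/cpu/vulnerabilities/l1tf
if [ -r "$SYSFS_L1TF" ]; then
    echo "sysfs:  $(cat "$SYSFS_L1TF")"
    echo "status: $(l1tf_from_file "$SYSFS_L1TF")"
    echo "kernel: $(uname -r), at/after fixed upstream release: $(kernel_fixed "$(uname -r)")"
fi
```

Two caveats apply. The version comparison is only meaningful for upstream stable kernels: distribution kernels backport the fix under their own version strings (the RHEL 7 entry above, 3.10.0-862.11.6.el7, is one of them), so for those the sysfs line is the authoritative check and the script reports "unknown" rather than guessing. Second, the sysfs line may read "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable": the "VMX" and "SMT" part describes the hypervisor variant of L1TF, which is a separate issue; for CVE-2018-3620 the words that matter are "Mitigation: PTE Inversion".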
