Systems with microprocessors utilizing speculative execution and address
translations may allow unauthorized disclosure of information residing in
the L1 data cache to an attacker with local user access with guest OS
privilege via a terminal page fault and a side-channel analysis.
Author | Note |
---|---|
tyhicks | A microcode update will be provided to allow the kernel to flush the L1D cache on VM entry. However, the kernel has a software fallback mechanism in place when microcode updates are not available/installed. The break-fix lines for this CVE are not complete since a large number of patches are required to mitigate this issue. The commit(s) listed are chosen as placeholders for automated CVE triage purposes. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | intel-microcode | < 3.20180807a.0ubuntu0.18.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | intel-microcode | < 3.20180807a.0ubuntu0.14.04.1 | UNKNOWN |
ubuntu | 16.04 | noarch | intel-microcode | < 3.20180807a.0ubuntu0.16.04.1 | UNKNOWN |
ubuntu | 18.04 | noarch | linux | < 4.15.0-32.35 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < 3.13.0-155.205 | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < 4.4.0-133.159 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1019.19 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-aws | < 4.4.0-1027.30 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws | < 4.4.0-1065.75 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure | < 4.15.0-1021.21 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2018-3646
nvd.nist.gov/vuln/detail/CVE-2018-3646
security-tracker.debian.org/tracker/CVE-2018-3646
ubuntu.com/security/notices/USN-3740-1
ubuntu.com/security/notices/USN-3740-2
ubuntu.com/security/notices/USN-3741-1
ubuntu.com/security/notices/USN-3741-2
ubuntu.com/security/notices/USN-3742-1
ubuntu.com/security/notices/USN-3742-2
ubuntu.com/security/notices/USN-3756-1
ubuntu.com/security/notices/USN-3823-1
wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF
www.cve.org/CVERecord?id=CVE-2018-3646