Dear Customer,
On Tuesday, August 14th, Intel disclosed details on a new class of CPU speculative-execution vulnerabilities, known collectively as “L1 Terminal Fault.” This new class of vulnerabilities can occur on current and past Intel processors (from at least 2009 - 2018) when affected Intel microprocessors are speculating beyond an unpermitted data access.
By continuing the speculation in these cases, the affected Intel microprocessors expose a new side-channel for attack, allowing a malicious VM to infer data in the hypervisor and other VMs running on a core.
As part of the August 14th disclosure by Intel, three vulnerabilities have been named:
- CVE-2018-3646 (L1 Terminal Fault - VMM)
- CVE-2018-3620 (L1 Terminal Fault - OS)
- CVE-2018-3615 (L1 Terminal Fault - SGX, SMM)
The most severe of the three vulnerabilities (CVE-2018-3646: L1 Terminal Fault - VMM) impacts all hypervisors running on x86 Intel CPUs, including VMware vSphere, VMware Workstation and VMware Fusion. As a consequence, our services that use these products (including VMware Cloud on AWS and VMware Horizon Cloud), and our VMware Cloud Provider Program partner environments are impacted.
Our top priority is protecting and ensuring the security of your data and systems.
As is our practice, VMware has been working closely with industry partners such as Intel and others to assess the issue and determine the most effective update and/or patch in conjunction with our partners.
A knowledge base (KB) article, https://kb.vmware.com/kb/55636, has been created as the centralized source of information for this issue. This KB provides links to additional KBs with detailed mitigation processes for each of the attack vectors identified by the L1 Terminal Fault vulnerabilities.
We strongly encourage you to visit the knowledge base repository as the centralized source of information for this issue, and click ‘Subscribe to Article’ on the Actions box to be alerted when new information is added to this document. We also encourage you to sign up on our Security-Announce mailing list to receive new and updated VMware Security Advisories.
We are proactively reaching out to ensure you are implementing the recommended mitigation processes to protect your environment.
VMware is fully engaged to address any concerns or issues you may have.
Regards