LenovoLENOVO:PS500179-L1-TERMINAL-FAULT-SIDE-CHANNEL-VULNERABILITIES-NOSIDL1 Terminal Fault Side Channel Vulnerabilities - Lenovo Support NL
6.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
5.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:P/A:N
Lenovo Security Advisory: LEN-24163
Potential Impact: Malicious code running locally may be able to observe contents of privileged memory, circumventing expected privilege levels
Severity: High
Scope of Impact: Industry-wide
CVE Identifier: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646
Summary Description:
Intel has made Lenovo aware of vulnerabilities collectively named “L1 Terminal Fault” affecting certain Intel processors. Lenovo has already released new BIOSes addressing these vulnerabilities under LEN-22133, because Intel included fixes for L1 Terminal Fault in a cumulative microcode update at that time. This advisory is to disclose the L1 Terminal Fault vulnerabilities and recommend additional actions you should take to protect yourself.
Mitigation Strategy for Customers (what you should do to protect yourself):
There are three vulnerability variants, each attacking a different sub-component of the processor architecture:
CVE-2018-3615 affects SGX enclaves
- Update BIOS per LEN-22133
- Update OS
- See Intel’s advisory and references for additional guidance on TCB reset and SGX application attestation
CVE-2018-3620 affects OS and SMM (System Management Mode)
- Update BIOS per LEN-22133
- Update OS
CVE-2018-3646 affects VMMs (Virtual Machine Managers)
- Update BIOS per LEN-22133
- Update host OS (if applicable)
- Update VMM
- Update guest OSes (where possible)
- For customers using Windows Server 2016+ or VMware ESXi/vSphere/bare-metal hypervisor, enable VMM scheduler enhancements and keep hyperthreading enabled.
- For all others, Intel suggests keeping hyperthreading enabled where you are confident all guest VMs that can end up sharing a processor core have OS mitigations applied. However, if unmitigated VMs are present, you should consider disabling hyperthreading to prevent VM-to-VM attacks. This is most likely in multi-tenant IaaS public and private cloud server environments where the VMM has not been updated to provide alternate means of isolation.
Related
6.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
5.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:P/A:N