In January 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels (known as Spectre and Meltdown). In this blog post, we will provide a technical analysis of a new speculative execution side channel vulnerability known as L1 Terminal Fault (L1TF) which has been assigned CVE-2018-3615 (for SGX), CVE-2018-3620 (for operating systems and SMM), and CVE-2018-3646 (for virtualization).

openvas 33

f5 4

intel 1

thn 1

mageia 4

ibm 9

cert 1

msrc 1

threatpost 2

lenovo 2

cisco 1

nessus 70

amazon 2

huawei 1

fedora 2

redhatcve 2

redhat 13

freebsd 1

osv 4

freebsd_advisory 1

debian 5

xen 1

ubuntu 9

paloalto 1

slackware 1

oraclelinux 3

cloudfoundry 2

mscve 1

hp 1

prion 3

ubuntucve 3

cve 3

debiancve 3

citrix 1

vmware 3

veracode 2

suse 2

openvas

Mageia: Security Advisory (MGASA-2018-0344)

2022-01-28 00:00:00

Huawei Data Communication: CPU Side Channel Vulnerability L1TF (huawei-sa-20180815-01-cpu)

2020-05-26 00:00:00

Mageia: Security Advisory (MGASA-2018-0345)

2022-01-28 00:00:00

K70675920 : August 2018 Intel security vulnerability announcement

2018-08-15 00:00:00

K35558453 : Intel SGX L1 Terminal Fault vulnerability CVE-2018-3615

2018-08-15 00:00:00

K95275140 : OS Kernel and SMM mode L1 Terminal Fault vulnerability CVE-2018-3620

2018-10-05 00:00:00

intel

Q3 2018 Speculative Execution Side Channel Update

2021-05-11 00:00:00

thn

Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

2018-08-15 07:40:00

mageia

Updated kernel-linus packages fix security vulnerabilities

2018-08-19 14:24:54

Updated kernel packages fix security vulnerabilities

2018-08-19 14:24:54

Updated microcode packages fix security vulnerabilities

2018-08-19 14:24:54

ibm

Security Bulletin: IBM API Connect is affected by Foreshadow Spectre Variant vulnerability (CVE-2018-3646 CVE-2018-3615 CVE-2018-3620)

2018-10-26 20:30:02

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private Cloud Foundry (CVE-2018-3646, CVE-2018-3615, CVE-2018-3620)

2018-11-19 15:40:01

Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)

2019-01-25 12:10:01

cert

Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)

2018-08-15 00:00:00

msrc

Analysis and mitigation of L1 Terminal Fault (L1TF)

2018-08-13 07:00:00

threatpost

Intel CPUs Undermined By Fresh Speculative Execution Flaws

2018-08-14 19:24:34

New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants

2018-10-09 19:37:35

lenovo

L1 Terminal Fault Side Channel Vulnerabilities - Lenovo Support NL

2018-08-16 14:27:00

L1 Terminal Fault Side Channel Vulnerabilities - US

2018-08-16 14:27:00

cisco

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

2018-08-14 17:00:00

nessus

Amazon Linux AMI : kernel (ALAS-2018-1058) (Foreshadow)

2018-08-15 00:00:00

Amazon Linux 2 : kernel (ALAS-2018-1058) (Foreshadow)

2018-08-15 00:00:00

OracleVM 3.4 : xen (OVMSA-2018-0246) (Foreshadow)

2018-08-16 00:00:00

amazon

Critical: kernel

2018-08-10 22:53:00

Critical: kernel

2018-08-10 20:26:00

huawei

Security Advisory - CPU Side Channel Vulnerability "L1TF"

2018-08-15 00:00:00

fedora

[SECURITY] Fedora 28 Update: kernel-headers-4.17.14-3.fc28

2018-08-16 08:08:45

[SECURITY] Fedora 27 Update: kernel-headers-4.17.14-3.fc27

2018-08-16 07:24:56

redhatcve

CVE-2018-3646

2021-01-24 22:39:20

CVE-2018-3620

2021-03-20 21:41:50

redhat

(RHSA-2018:2404) Important: rhev-hypervisor7 security update

2018-08-15 15:14:04

(RHSA-2018:2602) Important: kernel security update

2018-08-29 18:04:28

(RHSA-2018:2389) Important: kernel security update

2018-08-14 18:50:42

freebsd

FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure

2018-08-14 00:00:00

osv

linux-4.9 - security update

2018-08-28 00:00:00

linux - security update

2018-08-20 00:00:00

xen - security update

2018-08-16 00:00:00

freebsd_advisory

FreeBSD-SA-18:09.l1tf

2018-08-14 00:00:00

debian

[SECURITY] [DSA 4274-1] xen security update

2018-08-16 20:47:43

[SECURITY] [DSA 4279-1] linux security update

2018-08-20 11:44:32

[SECURITY] [DLA 1481-1] linux-4.9 security update

2018-08-28 17:10:51

xen

L1 Terminal Fault speculative side channel

2018-08-14 17:15:00

ubuntu

Linux kernel vulnerabilities

2018-11-15 00:00:00

Linux kernel vulnerabilities

2018-08-14 00:00:00

Linux kernel (HWE) vulnerabilities

2018-08-14 00:00:00

paloalto

Information about L1 Terminal Fault findings

2018-08-17 00:00:00

slackware

[slackware-security] Slackware 14.2 kernel

2018-08-28 23:41:10

oraclelinux

Unbreakable Enterprise kernel security update

2018-09-06 00:00:00

Unbreakable Enterprise kernel security update

2018-08-14 00:00:00

Unbreakable Enterprise kernel security update

2018-09-13 00:00:00

cloudfoundry

USN-3740-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry

2018-09-11 00:00:00

USN-3741-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2018-08-17 00:00:00

mscve

Microsoft Guidance to mitigate L1TF variant

2018-08-14 07:00:00

HPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)

2018-08-14 00:00:00

prion

Information disclosure

2018-08-14 19:29:00

Information disclosure

2018-08-14 19:29:00

Information disclosure

2018-08-14 19:29:00

ubuntucve

CVE-2018-3615

2018-08-14 00:00:00

CVE-2018-3620

2018-08-14 00:00:00

CVE-2018-3646

2018-08-14 00:00:00

cve

CVE-2018-3615

2018-08-14 19:29:00

CVE-2018-3620

2018-08-14 19:29:00

CVE-2018-3646

2018-08-14 19:29:00

debiancve

CVE-2018-3615

2018-08-14 19:29:00

CVE-2018-3620

2018-08-14 19:29:00

CVE-2018-3646

2018-08-14 19:29:00

citrix

XenServer Multiple Security Updates

2018-08-14 04:00:00

vmware

Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances.

2018-08-14 00:00:00

Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances.

2018-08-14 00:00:00

VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability.

2018-08-14 00:00:00

veracode

Information Disclosure

2019-01-15 09:24:09

Information Disclosure

2019-05-16 03:11:25

suse

Security update for xen (important)

2018-08-19 15:09:36

Security update for xen (important)

2018-08-19 15:10:45

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

5.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:P/A:N

0.002 Low

EPSS

Percentile

54.0%

JSON

Related for MSRC:4E79428DD6508A321BB555312927DDDB