Kernel: hw: cpu: L1 terminal fault (L1TF)

🗓️ 14 Aug 2018 21:02:37Reported by RedHatType

Unprivileged attackers can read kernel memory via speculative execution and page faults, cross host access.

Reporter	Title	Published	Views	Family All 447
IBM Security Bulletins	Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018	28 Jan 201917:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private Cloud Foundry (CVE-2018-3646, CVE-2018-3615, CVE-2018-3620)	19 Nov 201815:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect is affected by Foreshadow Spectre Variant vulnerability (CVE-2018-3646 CVE-2018-3615 CVE-2018-3620)	26 Oct 201820:30	–	ibm
IBM Security Bulletins	Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801q	10 Oct 201821:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance	9 Jan 201922:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect is affected by multiple third-party vulnerabilities (Node.js, nghttp2, Linux, Intel CPU, Android)	31 Oct 201820:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by a Foreshadow Spectre Variant vulnerability	7 Feb 201919:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to Spectre variants 4 and 3a (CVE-2018-3639 CVE-2018-3640)	7 Dec 202322:31	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)	25 Jan 201912:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by Red Hat kernel vulnerabilities	6 Mar 201920:05	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6.7	ppc64	kernel	0:2.6.32-573.60.4.el6	kernel-0:2.6.32-573.60.4.el6.ppc64.rpm
Red Hat Enterprise Linux	6.7	s390x	kernel	0:2.6.32-573.60.4.el6	kernel-0:2.6.32-573.60.4.el6.s390x.rpm
Red Hat Enterprise Linux	6.7	x86_64	kernel	0:2.6.32-573.60.4.el6	kernel-0:2.6.32-573.60.4.el6.x86_64.rpm
Red Hat Enterprise Linux	6.7	any	kernel	0:2.6.32-573.60.4.el6.i686	kernel-0:2.6.32-573.60.4.el6.i686.noarch.rpm
Red Hat Enterprise Linux	6.7	any	kernel-abi-whitelists	0:2.6.32-573.60.4.el6.noarch	kernel-abi-whitelists-0:2.6.32-573.60.4.el6.noarch.noarch.rpm
Red Hat Enterprise Linux	6.7	ppc64	kernel-bootwrapper	0:2.6.32-573.60.4.el6	kernel-bootwrapper-0:2.6.32-573.60.4.el6.ppc64.rpm
Red Hat Enterprise Linux	6.7	ppc64	kernel-debug	0:2.6.32-573.60.4.el6	kernel-debug-0:2.6.32-573.60.4.el6.ppc64.rpm
Red Hat Enterprise Linux	6.7	s390x	kernel-debug	0:2.6.32-573.60.4.el6	kernel-debug-0:2.6.32-573.60.4.el6.s390x.rpm
Red Hat Enterprise Linux	6.7	x86_64	kernel-debug	0:2.6.32-573.60.4.el6	kernel-debug-0:2.6.32-573.60.4.el6.x86_64.rpm
Red Hat Enterprise Linux	6.7	any	kernel-debug	0:2.6.32-573.60.4.el6.i686	kernel-debug-0:2.6.32-573.60.4.el6.i686.noarch.rpm

Source	Link
access	www.access.redhat.com/articles/3562741
access	www.access.redhat.com/security/cve/CVE-2018-3620
access	www.access.redhat.com/security/vulnerabilities/L1TF
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
foreshadowattack	www.foreshadowattack.eu/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-3620
software	www.software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
cve	www.cve.org/CVERecord
redhat	www.redhat.com/en/blog/deeper-look-l1-terminal-fault-aka-foreshadow
redhat	www.redhat.com/en/blog/understanding-l1-terminal-fault-aka-foreshadow-what-you-need-know

29 May 2026 21:24Current

6.7Medium risk

Vulners AI Score6.7

CVSS 24.7

CVSS 35.6

CVSS 3.15.6

EPSS0.02259

SSVC

CWE-208