Lucene search

K
vmwareVMwareVMSA-2018-0020
HistoryAug 14, 2018 - 12:00 a.m.

VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability.

2018-08-1400:00:00
www.vmware.com
736

EPSS

0

Percentile

13.3%

vCenter Server, ESXi, Workstation, and Fusion updates include Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM. This issue may allow a malicious VM running on a given CPU core to effectively read the hypervisor’s or another VM’s privileged information that resides sequentially or concurrently in the same core’s L1 Data cache.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-3646 to this issue.

CVE-2018-3646 has two currently known attack vectors which will be referred to as “Sequential-Context” and “Concurrent-Context.”

Attack Vector Summary

Mitigation Summary

Column 5 of the following table lists the action required to mitigate the vulnerability in each release, if a solution is available.