Three new serious ‘L1TF’ vulnerabilities in Intel processors discovered

Intel has announced that three new serious vulnerabilities have been discovered in its processors, which could allow unauthorized access to data in the L1 cache. The vulnerabilities are named L1 Terminal Fault, or L1TF.

Intel has disclosed the existence of the L1TF vulnerabilities in an announcement and has posted a page online detailing the measures taken. Intel has published all the technical details about the new side channel attacks in a white paper on L1TF. The vulnerabilities are in both consumer processors and Xeon server processors.

The first two variants relate to the Intel Software Guard Extensions and the System Management Mode. According to Intel, both are fixable with microcode and software updates, which have already been released. The microcode tweaks were made earlier this year and the operating system updates were released Tuesday.

| CVE | Name | Severity | Score |
|---|---|---|---|
| CVE-2018-3615 | L1 Terminal Fault – SGX | High | 7.9 |
| CVE-2018-3620 | L1 Terminal Fault – OS/SMM | High | 7.1 |
| CVE-2018-3646 | L1 Terminal Fault – VMM | High | 7.1 |

The third L1TF variant concerns virtual machines and although mitigations have been released for these too, Intel states that “further measures” are needed depending on the situation. This applies to environments where it cannot be guaranteed that all virtual machines will be equipped with operating systems with patched kernels. One possible measure is to use Core Scheduler in Windows Server 2016, or to disable Hyper-Threading altogether.
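One way to check where a Linux virtualization host stands on the third variant, as an added example that is not from Intel or the original article. It assumes the status line that Linux kernels carrying the L1TF patches expose under `/sys/devices/system/cpu/vulnerabilities/l1tf`; the sample lines and the function name `assess_l1tf` are constructed for illustration.

```python
import re
from pathlib import Path

# Path used by Linux kernels that carry the L1TF patches (assumed present on the host).
L1TF_STATUS = Path("/sys/devices/system/cpu/vulnerabilities/l1tf")

# Constructed sample lines in the kernel's reporting format, used when the file is absent.
SAMPLES = [
    "Not affected",
    "Vulnerable",
    "Mitigation: PTE Inversion; VMX: EPT disabled",
    "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable",
    "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled",
]

def assess_l1tf(status: str) -> dict:
    """Classify one status line from the point of view of a VM host."""
    status = status.strip()
    report = {"affected": status != "Not affected",
              "host_mitigated": status.startswith("Mitigation:"),
              "l1d_flush": None, "smt_exposed": None, "findings": []}
    if not report["affected"]:
        return report
    if not report["host_mitigated"]:
        report["findings"].append("kernel reports no L1TF mitigation")
    # The VMX part appears only when the kernel reports hypervisor state.
    vmx = re.search(r"VMX: ([^,]+)(?:, SMT (\w+))?", status)
    if vmx:
        report["l1d_flush"] = vmx.group(1).strip()
        if report["l1d_flush"] == "vulnerable":
            report["findings"].append("L1 data cache is not flushed before entering guests")
        if vmx.group(2):
            report["smt_exposed"] = vmx.group(2) == "vulnerable"
            if report["smt_exposed"]:
                report["findings"].append("Hyper-Threading is enabled on a VM host")
    return report

if __name__ == "__main__":
    # Read the live status on a patched Linux host, otherwise walk the samples.
    lines = [L1TF_STATUS.read_text()] if L1TF_STATUS.exists() else SAMPLES
    for line in lines:
        r = assess_l1tf(line)
        verdict = "review" if r["findings"] else "ok"
        print(f"{verdict:6} {line.strip()!r} -> {r['findings']}")
```

A host that reports a mitigation but still shows `SMT vulnerable` is the case the article describes, where further measures depend on whether every guest can be trusted to run a patched kernel.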

Intel claims that the security measures taken have little impact on performance and shows benchmarks of different scenarios before and after the implementation of the patches. Red Hat has also presented figures and shows that disabling Hyper-Threading can have a major negative impact on performance. This measure does not apply to consumer PCs.

The first vulnerability, CVE-2018-3615, was discovered by researchers from universities, including KU Leuven. They present the attack under the name Foreshadow and have set up a website with a paper and demonstration videos. The KU Leuven researchers shared their findings with Intel on January 3, 2018. Intel security researchers then found the other two related vulnerabilities themselves.

The publication of the new vulnerabilities has been coordinated by the security researchers, Intel and software companies. On Tuesday evening, various parties put their analyses online. Microsoft describes L1TF on its Technet blog, and Oracle has posted information online about which of its products are affected. Red Hat also describes the vulnerabilities. According to Intel, there are no known cases of abuse of the vulnerabilities.

Video from Intel with simple explanation of L1 Terminal Fault

More detailed L1TF explanation from Red Hat
