PT-2018-1445 · Intel+8 · Intel Microprocessors+8
Published
2018-01-03
·
Updated
2020-08-24
·
CVE-2018-3620
CVSS v3.1
5.6
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Intel microprocessors (affected versions not specified)
Description
The issue concerns systems with microprocessors that use speculative execution and address translations, potentially allowing unauthorized disclosure of information from the L1 data cache to an attacker with local user access. This can be achieved via a terminal page fault and side-channel analysis. The vulnerability is related to the speculative execution of commands and may allow an attacker to gain unauthorized access to the kernel memory or SMM memory by implementing a side-channel attack, enabling them to read data from the L1 cache where fragments of protected data remain after speculative execution.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Centos
Freebsd
Huawei Vrp
Intel Microprocessors
Red Hat
Suse
Ubuntu
Vmware Vcenter