CVE-2018-3646

Name of the Vulnerable Software and Affected Versions Intel processors versions prior to the fixed version Huawei VRP (affected versions not specified) vCenter Server (affected versions not specified) ESXi (affected versions not specified) Workstation (affected versions not specified) Fusion (affected versions not specified)

Description The issue is related to speculative execution and address translations, which may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. This may allow a malicious VM running on a given CPU core to effectively read the hypervisor’s or another VM’s privileged information that resides sequentially or concurrently in the same core’s L1 Data cache.

Recommendations For Intel processors, update to a version that includes the fix for this issue. For Huawei VRP, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For vCenter Server, apply the available patches to secure against this vulnerability. For ESXi, apply the available patches to secure against this vulnerability. For Workstation, apply the available Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM. For Fusion, apply the available Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM.