Three L1 Terminal Fault bugs discovered in Intel CPUs

Posted on Tuesday, Aug 14 2018 @ 21:50 CEST by Thomas De Maesschalck
Intel logo
A group of international security researchers discovered three new vulnerabilities in Intel's processors. Dubbed L1 Terminal Fault (L1TF) bugs because they involve extracting information from the CPU's level-one data cache, these vulnerabilities potentially enable malware on a vulnerable machine, and guest virtual machines on a cloud service, to steal sensitive data from other software and other customers' virtual machines.

Details about the flaws can be read at The Register:
  • CVE-2018-3615: This affects Software Guard Extensions (SGX), and was discovered by various academics who will reveal their findings this week at the Usenix Security Symposium. According to Intel, "systems with microprocessors utilizing speculative execution and software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis." This vulnerability was named Foreshadow by the team who uncovered it. This will require the microcode update to fix.

  • CVE-2018-3620: This affects operating systems and SMM. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis." Operating system kernels will need patching, and the SMM requires the microcode update, to be protected.

  • CVE-2018-3646: This affects hypervisors and virtual machines. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and side-channel analysis." This will require the microcode, operating system, and hypervisor updates to protect data.
  • Intel gave the bugs a high severity rating and plans to ship redesigned CPUs later this year. Software-based mitigation is expected very soon, these may have yet another potential performance impact. As The Register points out, this is one of the clearest examples that, over time, Intel traded security for speed.


    About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



    Loading Comments