Описание
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.
Отчет
This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 5.9 Long Life | kernel | Fixed | RHSA-2018:2603 | 29.08.2018 |
| Red Hat Enterprise Linux 5 Extended Lifecycle Support | kernel | Fixed | RHSA-2018:2602 | 29.08.2018 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2018:2390 | 14.08.2018 |
| Red Hat Enterprise Linux 6.4 Advanced Update Support | kernel | Fixed | RHSA-2018:2394 | 14.08.2018 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | kernel | Fixed | RHSA-2018:2393 | 14.08.2018 |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | kernel | Fixed | RHSA-2018:2392 | 14.08.2018 |
| Red Hat Enterprise Linux 6.6 Telco Extended Update Support | kernel | Fixed | RHSA-2018:2392 | 14.08.2018 |
| Red Hat Enterprise Linux 6.7 Extended Update Support | kernel | Fixed | RHSA-2018:2391 | 14.08.2018 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2018:2395 | 14.08.2018 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
5.6 Medium
CVSS3
Связанные уязвимости
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
Systems with microprocessors utilizing speculative execution and addre ...
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
ELSA-2018-4215: Unbreakable Enterprise kernel security update (IMPORTANT)
5.6 Medium
CVSS3