Skip to main content

Security Alert: Intel CPU speculative execution vulnerabilities

Date:
2018-08-15 18:46:00
Status:
Closed
Brief Description:
Intel publicly disclosed three vulnerabilities that leverage speculative execution to allow an attacker to read sensitive information stored on a system. These attacks are very similar to the previously disclosed Spectre and Meltdown vulnerabilities.
Current Status:
N/A
Services Affected:
Not Applicable
Full Description:
Intel publicly disclosed three vulnerabilities:

CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646

Intel collectively refers to these three vulnerabilities as "L1 Terminal Fault (L1TF)". The researchers who discovered these vulnerabilities have named them "Foreshadow" for CVE-2018-3615 and "Foreshadow-NG" for CVE-2018-3620 and CVE-2018-3646. At this time, the vulnerabilities are specific to Intel processors, no vulnerabilities have been disclosed for AMD or ARM processors. Remediations for each vulnerability vary, but will require either a single or combination of updates to the following: operating system/kernel, firmware/microcode, and/or hypervisors. System administrators should work with their vendors to implement appropriate patches for their environment.

For customers of CIT’s Managed Server service - You will shortly be receiving a directed message to server owners regarding patching deployment schedules for their servers.

For customers of CIT's Cloud service - Cornell AWS and Azure customers running their own virtual machines in their own AWS accounts or Azure subscriptions are responsible for taking appropriate steps to mitigate these vulnerabilities. Usually this will involve applying OS patches (including kernel patches) provided by the OS vendor/distributor and rebooting the machine.

Vulnerability information:
Intel
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
Researchers
https://foreshadowattack.eu/

Vendor information:
Amazon AWS
https://aws.amazon.com/security/security-bulletins/AWS-2018-019/
Microsoft Azure
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/mitigate-se
Microsoft Security Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180018
Red Hat
https://access.redhat.com/security/vulnerabilities/L1TF