Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.
Find out more about CVE-2018-3620 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may address this issue.
| CVSS3 Base Score | 5.6 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
| Attack Vector | Local |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity Impact | None |
| Availability Impact | None |
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux Advanced Update Support 7.2 (kernel) | RHSA-2018:2389 | 2018-08-14 |
| Red Hat Enterprise Linux Server TUS (v. 7.2) (kernel) | RHSA-2018:2389 | 2018-08-14 |
| Red Hat Enterprise Linux 7 (kernel) | RHSA-2018:2384 | 2018-08-14 |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (kernel) | RHSA-2018:2389 | 2018-08-14 |
| Red Hat Enterprise Linux Extended Update Support 7.3 (kernel) | RHSA-2018:2388 | 2018-08-14 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhev-hypervisor7) | RHSA-2018:2404 | 2018-08-15 |
| Red Hat Enterprise Linux Extended Update Support 6.7 (kernel) | RHSA-2018:2391 | 2018-08-14 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-release-virtualization-host) | RHSA-2018:2403 | 2018-08-15 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) | RHSA-2018:2402 | 2018-08-16 |
| Red Hat Enterprise Linux Advanced Update Support 6.6 (kernel) | RHSA-2018:2392 | 2018-08-14 |
| Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) | RHSA-2018:2393 | 2018-08-14 |
| Red Hat Enterprise Linux 6 (kernel) | RHSA-2018:2390 | 2018-08-14 |
| Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) | RHSA-2018:2396 | 2018-08-14 |
| Red Hat Enterprise Linux Advanced Update Support 6.4 (kernel) | RHSA-2018:2394 | 2018-08-14 |
| Red Hat Enterprise Linux Server TUS (v. 6.6) (kernel) | RHSA-2018:2392 | 2018-08-14 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) | RHSA-2018:2387 | 2018-08-14 |
| Red Hat Enterprise Linux Server (v. 5 ELS) (kernel) | RHSA-2018:2602 | 2018-08-29 |
| Red Hat Enterprise Linux Long Life (v. 5.9 server) (kernel) | RHSA-2018:2603 | 2018-08-29 |
| RHEV Hypervisor for RHEL-6 (rhev-hypervisor7) | RHSA-2018:2404 | 2018-08-15 |
| Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) | RHSA-2018:2395 | 2018-08-14 |
Vulmon