#VU14412 Side-channel attack in Intel Hardware solutions


Published: 2018-08-15

Vulnerability identifier: #VU14412

Vulnerability risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-3646

CWE-ID: CWE-200

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Intel Xeon Processor D 2100
Hardware solutions / Firmware
Intel Xeon Processor D 1500
Hardware solutions / Firmware
Intel Xeon Processor E7 v4 Family
Hardware solutions / Firmware
Intel Xeon Processor E7 v3 Family
Hardware solutions / Firmware
Intel Xeon Processor E7 v2 Family
Hardware solutions / Firmware
Intel Xeon Processor E7 Family
Hardware solutions / Firmware
Intel Xeon Processor E5 v4 Family
Hardware solutions / Firmware
Intel Xeon Processor E5 v3 Family
Hardware solutions / Firmware
Intel Xeon Processor E5 v2 Family
Hardware solutions / Firmware
Intel Xeon Processor E5 Family
Hardware solutions / Firmware
Intel Xeon Processor E3 v4 Family
Hardware solutions / Firmware
Intel Xeon Processor E3 v3 Family
Hardware solutions / Firmware
Intel Xeon Processor E3 v2 Family
Hardware solutions / Firmware
Intel Xeon Processor E3 Family
Hardware solutions / Firmware
Intel Xeon processor 7500 series
Hardware solutions / Firmware
Intel Xeon processor 6500 series
Hardware solutions / Firmware
Intel Xeon processor 5600 series
Hardware solutions / Firmware
Intel Xeon processor 5500 series
Hardware solutions / Firmware
Intel Xeon processor 3600 series
Hardware solutions / Firmware
Intel Xeon processor 3400 series
Hardware solutions / Firmware
Intel Core X-series Processor Family for Intel X299 platforms
Hardware solutions / Firmware
Intel Core X-series Processor Family for Intel X99 platforms
Hardware solutions / Firmware
5th generation Intel Core processors
Hardware solutions / Firmware
4th generation Intel Core processors
Hardware solutions / Firmware
3rd Generation Intel Core Processors
Hardware solutions / Firmware
2nd generation Intel Core processors
Hardware solutions / Firmware
Intel Core M processor family 32nm
Hardware solutions / Firmware
Intel Core M processor family 45nm
Hardware solutions / Firmware
Intel Core i7 processor 32nm
Hardware solutions / Firmware
Intel Core i7 processor 45nm
Hardware solutions / Firmware
Intel Core i5 processor 32nm
Hardware solutions / Firmware
Intel Core i5 processor 45nm
Hardware solutions / Firmware
Intel Core i3 processor 32nm
Hardware solutions / Firmware
Intel Core i3 processor 45nm
Hardware solutions / Firmware
8th Generation Intel Core Processors
Hardware solutions / Firmware
7th Generation Intel Core Processors
Hardware solutions / Firmware
6th Generation Intel Core Processors
Hardware solutions / Firmware
Intel Xeon Processor E3 v6 Family
Hardware solutions / Firmware
Intel Xeon Processor E3 v5 Family
Hardware solutions / Firmware
Intel Xeon Scalable Processors
Hardware solutions / Other hardware appliances

Vendor: Intel

Description

The vulnerability allows an adjacent attacker to obtain potentially sensitive information.

The vulnerability exists due to an error in systems with microprocessors utilizing speculative execution and address translations. An adjacent attacker with guest OS privilege can trigger terminal page fault, conduct side-channel attack and gain access to potentially sensitive information residing in the L1 data cache.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Intel Xeon Processor D 2100: All versions

Intel Xeon Processor D 1500: All versions

Intel Xeon Scalable Processors: All versions

Intel Xeon Processor E7 v4 Family: All versions

Intel Xeon Processor E7 v3 Family: All versions

Intel Xeon Processor E7 v2 Family: All versions

Intel Xeon Processor E7 Family: All versions

Intel Xeon Processor E5 v4 Family: All versions

Intel Xeon Processor E5 v3 Family: All versions

Intel Xeon Processor E5 v2 Family: All versions

Intel Xeon Processor E5 Family: All versions

Intel Xeon Processor E3 v4 Family: All versions

Intel Xeon Processor E3 v3 Family: All versions

Intel Xeon Processor E3 v2 Family: All versions

Intel Xeon Processor E3 Family: All versions

Intel Xeon processor 7500 series: All versions

Intel Xeon processor 6500 series: All versions

Intel Xeon processor 5600 series: All versions

Intel Xeon processor 5500 series: All versions

Intel Xeon processor 3600 series: All versions

Intel Xeon processor 3400 series: All versions

Intel Core X-series Processor Family for Intel X299 platforms: All versions

Intel Core X-series Processor Family for Intel X99 platforms: All versions

5th generation Intel Core processors: All versions

4th generation Intel Core processors: All versions

3rd Generation Intel Core Processors: All versions

2nd generation Intel Core processors: All versions

Intel Core M processor family 32nm: All versions

Intel Core M processor family 45nm: All versions

Intel Core i7 processor 32nm: All versions

Intel Core i7 processor 45nm: All versions

Intel Core i5 processor 32nm: All versions

Intel Core i5 processor 45nm: All versions

Intel Core i3 processor 32nm: All versions

Intel Core i3 processor 45nm: All versions

8th Generation Intel Core Processors: All versions

7th Generation Intel Core Processors: All versions

6th Generation Intel Core Processors: All versions

Intel Xeon Processor E3 v6 Family: All versions

Intel Xeon Processor E3 v5 Family: All versions

External links
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance
Multiple vulnerabilities in Dell EMC CloudBoost Virtual Appliance
OpenSUSE Linux update for xen
Multiple vulnerabilities in Apple MacOS
Gentoo update for Xen
Red Hat update for kernel
Red Hat update for kernel
Multiple vulnerabilities in Xen
Debian update for linux
OpenSUSE Linux update for xen