Three new vulnerabilities in Intel processors discovered - L1TF
Intel announced that three new serious vulnerabilities have been discovered for their processors, allowing unauthorized access to data in the L1 cache. The vulnerabilities are named L1 Terminal Fault, or L1TF.
L1TF vulnerabilities are made public in an announcement they also put up a page about the measures that have been taken about the new side channel attacks in a white paper about L1TF . The vulnerabilities effects both consumer processors and in Xeon server processors. They can be exploited by malware and malicious virtual machines to potentially steal secret information from computer memory, reports the register:
These secrets can include passwords, personal and financial records, and encryption keys. They can be potentially lifted from other applications and other customers' virtual machines, as well as SGX enclaves, and System Management Mode (SMM) memory. SGX is Intel's technology that is supposed to protect these secrets from snooping code. SMM is your computer's hidden janitor that has total control over the hardware, and total access to its data.
Across the board, Intel's desktop, workstation, and server CPUs are vulnerable. Crucially, they do not work as documented: where their technical manuals say memory can be marked off limits, it simply is not. This means malicious software on a vulnerable machine, and guest virtual machines on a cloud platform can potentially lift sensitive data from other software and other customers' virtual machines.
It is the clearest example yet that, over time, Chipzilla's management traded security for speed: their processors execute software at a screaming rate, with memory protection mechanisms a mere afterthought. In the pursuit of ever-increasing performance, defenses to protect people's data became optional.
Redesigned Intel processors without these speculative execution design blunders are expected to start shipping later this year. Mitigations in the form of operating system patches, and hypervisor fixes, should be arriving any time now, and should be installed if you're worried about malware or malicious virtual machines slurping data. Keep your eyes peeled for these. Some of these software mitigations require Intel's Q2 2018 microcode update to be installed.
Here are the three cockups, which Intel has dubbed its L1 Terminal Fault (L1TF) bugs because they involve extracting secret information from the CPU level-one data cache:
- CVE-2018-3615: This affects Software Guard Extensions (SGX), and was discovered by various academics who will reveal their findings this week at the Usenix Security Symposium. According to Intel, "systems with microprocessors utilizing speculative execution and software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis." This vulnerability was named Foreshadow by the team who uncovered it. This will require the microcode update to fix.
- CVE-2018-3620: This affects operating systems and SMM. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis." Operating system kernels will need patching, and the SMM requires the microcode update, to be protected.
- CVE-2018-3646: This affects hypervisors and virtual machines. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and side-channel analysis." This will require the microcode, operating system, and hypervisor updates to protect data.
The operating system and hypervisor-level flaws – CVE-2018-3620 and CVE-2018-3646 – were discovered by Intel's engineers after they were tipped off about CVE-2018-3615, the SGX issue, by the university researchers. The impact of these vulnerabilities, according to Chipzilla.
Nvidia EEC registrations indicate three new GeForce GPUs - 08/09/2018 05:29 PM
Remember the Manli entries? It's happening again. This round Nvidia has registrations active that point to the arrival of three models GeForce video cards. Earlier on the PCB of one of the cards alr...
iiyama celebrates three new G-Master monitors and the new G-Master logo - 05/17/2018 04:43 PM
iiyama celebrates the introduction of three new G-Master monitors and the new G-Master logo, iiyama launches a pan European competition where fans can win one of 10 brand new Black Hawk and Red Eagle...
Phanteks releases three new colors for Eclipse P300 - 04/19/2018 08:07 AM
Phanteks is releasing three new colors to the P300 Lineup: Black/Red, Black/White, and White. With its full metal exterior and a tempered glass side panel....
WD unveils three new G-Technology data solutions - 04/10/2018 07:25 AM
Western Digital unveils three new G-Technology data solutions, its G-Technology G-DRIVE and G-SPEED Shuttle product families. Working with large 4K and 8K RAW video means massive file sizes and is u...
Iiyama Adds Three New White Colored Monitors - 12/19/2017 10:50 AM
Three popular iiyama models, the 24’’ ProLite XUB2492HSU, 27’’ ProLite B2791HSU and ProLite XUB2792QSU are now available in a stylish white design. Bringing ele...
Senior Member
Posts: 2212
Joined: 2018-01-03
yep, saw these patches drop yesterday in a cumulative update
Senior Member
Posts: 14164
Joined: 2014-07-21
Honestly, can't wait to build my next rig, and it probably won't be Intel based. This constant update patch fix thing is getting on my nerves... makes me want to make a tin foil hat again also.
Senior Member
Posts: 2212
Joined: 2018-01-03
I hear ya, I have envy of the 2700x build i did for my fiancee, while she sits there playing theme park world on it.

Senior Member
Posts: 1521
Joined: 2007-03-18
Sure. Until hordes of people start looking into what can be exploited there, as they are now doing on intel.
It's basically PC vs Mac situation. PC has viruses. Well duh, no one bothered to look into exploiting the sub 10% market when they could go for the other 90%. And now, since Apple uses intel tech on Macs, almost all Macs are vulnerable to these hardware exploits too. But hey, no one is talking about that, yet.
edit: it's a trend that gained momentum. It's not the first, or the last to come around. It will pass.
Senior Member
Posts: 1654
Joined: 2017-02-14
I just get this feeling EPYC on 7nm is going to have a lot of momentum in data centers due to bugs like this one.