August 2018 Intel Vulnerabilities L1 Terminal Fault – L1TF (CVE-2018-3646 / CVE-2018-3620 / CVE-2018-3615)
Following the recent Spectre/Meltdown vulnerabilities in Intel processors, the latest wave of newly found vulnerabilities disclosed by Intel on Tuesday, 14 August includes 3 new vulnerabilities affecting Intel Core and Xeon processors from at least 2009 – 2018. These new vulnerabilities are collectively known as “L1 Terminal Fault”.
Details for each vulnerability as provided by Intel:
CVE-2018-3615 – L1 Terminal Fault: SGX
Systems with microprocessors utilizing speculative execution and Intel® Software Guard Extensions (Intel® SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
CVE-2018-3620 – L1 Terminal Fault: OS/SMM
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
CVE-2018-3646 – L1 Terminal Fault: VMM
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
The most severe of the three vulnerabilities (CVE-2018-3646: L1 Terminal Fault – VMM) impacts all hypervisors, including VMware vSphere and Microsoft Hyper-V. Public cloud providers are also affected, including VMware Cloud on AWS, VMware Horizon Cloud and Microsoft Azure.
It may allow a malicious VM running on a given CPU core to effectively infer the contents of the hypervisor’s or another VM’s privileged information residing at the same time in the same core’s L1 data cache. Because current Intel processors share the physically-addressed L1 data cache across both logical processors of a Hyperthreading (HT) enabled core, indiscriminate simultaneous scheduling of software threads on both logical processors creates the potential for further information leakage.
An attacker who can run arbitrary code on one virtual machine may be able to access information from another virtual machine or from the virtualization host itself. Workloads such as Windows Server Remote Desktop Services (RDS) and more dedicated workloads such as Active Directory domain controllers are also at risk. Attackers who can run arbitrary code (regardless of its level of privilege) may be able to access operating system or workload secrets such as encryption keys, passwords, and other sensitive data.
More information on the list of affected Intel processors can be obtained from Intel’s website at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
- Microsoft General Guidance against L1TF – https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180018
- Windows Server – https://support.microsoft.com/en-au/help/4457951/windows-server-guidance-to-protect-against-l1-terminal-fault
- Windows 7 and Windows Server 2008 R2 – August 2018 Monthly rollup includes protections against CVE-2018-3646 and CVE-2018-3620. https://support.microsoft.com/en-au/help/4343900/windows-7-update-kb4343900
- Azure – Microsoft has deployed mitigations across all of its cloud services. The infrastructure that runs Azure and isolates customer workloads from each other is protected. This means that a potential attacker using the same infrastructure can’t attack your application using these vulnerabilities. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/mitigate-se
- As mentioned in VMware KB 55636, the only applicable mitigation for VMware vSphere products is for CVE-2018-3646.
- The mitigation of the Sequential-Context attack vector is achieved by vSphere updates and patches mentioned in VMSA-2018-0020.
- The mitigation of the Concurrent-context attack vector requires enablement of a new feature known as the “ESXi Side-Channel-Aware Scheduler”. The initial version of this feature will only schedule the hypervisor and VMs on one logical processor of an Intel Hyperthreading-enabled core. This feature may impose a non-trivial performance impact and is not enabled by default.
- Enabling “ESXi Side-Channel-Aware Scheduler” requires setting the ESXi advanced host setting VMkernel.Boot.hyperthreadingMitigation to “True” and then rebooting the host. NOTE: This advanced option is made available after the host is patched as per patches in VMSA-2018-0020 mentioned above.
- IMPORTANT: Refer to VMware KB 55767 on the potential performance impact after the ESXi Side-Channel-Aware Scheduler is enabled.
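As an added example (not from VMware or the original post), the following POSIX shell function classifies the state of the VMkernel.Boot.hyperthreadingMitigation setting on an ESXi host so that an administrator can tell patched-but-not-enabled hosts from hosts that still need a reboot. It assumes the setting is read with `esxcli system settings kernel list -o hyperthreadingMitigation` and that the output has the columns Name, Type, Configured, Runtime, Default, Description; the sample output embedded below is constructed for offline testing.

```shell
#!/bin/sh
# Classify the L1TF concurrent-context mitigation state of an ESXi host from the
# output of:  esxcli system settings kernel list -o hyperthreadingMitigation
# (command name and column layout are assumptions; see lead-in).
# Prints one of: NOT_PATCHED, NOT_ENABLED, REBOOT_PENDING, MITIGATED, UNKNOWN
l1tf_state() {
    # $1 = text captured from the esxcli command
    row=$(printf '%s\n' "$1" | grep -i '^hyperthreadingMitigation' || true)
    if [ -z "$row" ]; then
        # The option only exists once the VMSA-2018-0020 patches are installed.
        echo NOT_PATCHED
        return
    fi
    # Column 3 = Configured (takes effect after reboot), column 4 = Runtime.
    configured=$(printf '%s\n' "$row" | awk '{print toupper($3)}')
    runtime=$(printf '%s\n' "$row" | awk '{print toupper($4)}')
    case "$configured/$runtime" in
        TRUE/TRUE)  echo MITIGATED ;;       # scheduler active now
        TRUE/FALSE) echo REBOOT_PENDING ;;  # set to True, host not yet rebooted
        FALSE/*)    echo NOT_ENABLED ;;     # patched, but mitigation left off
        *)          echo UNKNOWN ;;
    esac
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_PENDING='Name                      Type  Configured  Runtime  Default  Description
------------------------  ----  ----------  -------  -------  -----------
hyperthreadingMitigation  Bool  TRUE        FALSE    FALSE    Restrict simultaneous use of logical processors'

SAMPLE_MITIGATED='Name                      Type  Configured  Runtime  Default  Description
------------------------  ----  ----------  -------  -------  -----------
hyperthreadingMitigation  Bool  TRUE        TRUE     FALSE    Restrict simultaneous use of logical processors'

SAMPLE_OFF='Name                      Type  Configured  Runtime  Default  Description
------------------------  ----  ----------  -------  -------  -----------
hyperthreadingMitigation  Bool  FALSE       FALSE    FALSE    Restrict simultaneous use of logical processors'

# On a real host, feed the live command output instead of a sample:
#   l1tf_state "$(esxcli system settings kernel list -o hyperthreadingMitigation)"
```

Run against every host's output after patching and again after the reboot, a host should move from NOT_ENABLED or REBOOT_PENDING to MITIGATED.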
Hardware vendor mitigations:
- Cisco is in the process of evaluating its products. Firmware required for servers has been updated. The latest list of affected and unaffected products can be found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
- HPE has released updated ROMs with mitigations. The list of ROM versions that include the mitigations can be found at the following HPE website: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00053708en_us.
- Dell has released updated BIOS with mitigations. The list of BIOS versions that include the mitigations can be found at the following Dell website: https://www.dell.com/support/article/au/en/audhs1/sln309851/microprocessor-side-channel-vulnerabilities-cve-2018-3639-and-cve-2018-3640-impact-on-dell-emc-poweredge-servers-storage-sc-series-ps-series-and-powervault-md-series-and-networking-products?lang=en