Intel-SA-00161: L1 Terminal Fault (L1TF) speculative execution side-channel attack (Foreshadow)

~ hucktech

Security researchers have identified a speculative execution side-channel method called L1 Terminal Fault (L1TF). This method impacts select microprocessor products supporting Intel® Software Guard Extensions (Intel® SGX). Further investigation by Intel has identified two related applications of L1TF with the potential to impact additional microprocessors, operating systems, system management mode, and virtualization software. If used for malicious purposes, this class of vulnerability has the potential to improperly infer data values from multiple types of computing devices.[…]

https://foreshadowattack.eu/

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html

https://access.redhat.com/security/vulnerabilities/L1TF

https://www.redhat.com/en/blog/understanding-l1-terminal-fault-aka-foreshadow-what-you-need-know

https://blogs.technet.microsoft.com/virtualization/2018/08/14/hyper-v-hyperclear/

https://blogs.technet.microsoft.com/srd/2018/08/10/analysis-and-mitigation-of-l1-terminal-fault-l1tf/

https://www.us-cert.gov/ncas/current-activity/2018/08/14/Intel-Side-Channel-Vulnerability

 

Published by hucktech

One thought on “Intel-SA-00161: L1 Terminal Fault (L1TF) speculative execution side-channel attack (Foreshadow)

  1. Pingback: more on Intel-SA-00161 | Firmware Security

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s