Security researchers have identified a speculative execution side-channel method called L1 Terminal Fault (L1TF). This method impacts select microprocessor products supporting Intel® Software Guard Extensions (Intel® SGX). Further investigation by Intel has identified two related applications of L1TF with the potential to impact additional microprocessors, operating systems, system management mode, and virtualization software. If used for malicious purposes, this class of vulnerability has the potential to improperly infer data values from multiple types of computing devices.[…]
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html
https://access.redhat.com/security/vulnerabilities/L1TF
https://www.redhat.com/en/blog/understanding-l1-terminal-fault-aka-foreshadow-what-you-need-know
https://blogs.technet.microsoft.com/virtualization/2018/08/14/hyper-v-hyperclear/
https://www.us-cert.gov/ncas/current-activity/2018/08/14/Intel-Side-Channel-Vulnerability
One thought on “Intel-SA-00161: L1 Terminal Fault (L1TF) speculative execution side-channel attack (Foreshadow)”