—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Cisco Security Advisory: CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
Advisory ID: cisco-sa-20180814-cpusidechannel
Revision: 1.0
For Public Release: 2018 August 14 17:00 GMT
Last Updated: 2018 August 14 17:00 GMT
CVE ID(s): cve-2018-3615, CVE-2018-3620, CVE-2018-3646
+———————————————————————
Summary
=======
On August 14th, 2018, three vulnerabilities were disclosed by Intel and security researchers that leverage a speculative execution side-channel method referred to as L1 Terminal Fault (L1TF) that affects modern Intel microprocessors. These vulnerabilities could allow an unprivileged, local attacker, in specific circumstances, to read privileged memory belonging to other processes.
The first vulnerability, CVE-2018-3615, affects Intel SGX technology and is referred to by the researchers who discovered it as foreshadow. This vulnerability is not known to affect any Cisco devices as the Cisco devices do not utilize Intel SGX technology. Cisco Unified Computing System servers do support the usage of Intel SGX technology but may be provisioned by a customer in their environment to use Intel SGX technology.
The second vulnerability, CVE-2018-3620, and the third vulnerability, CVE-2018-3646, are referred to as L1 Terminal Fault attacks by Intel. These two vulnerabilities affect multi-core processors that leverage Intel Hyper-Threading technology supporting Operating System, System Management Mode, and Virtualized workloads. Like the previously disclosed Spectre vulnerabilities, all three new vulnerabilities leverage cache-timing attacks to infer any disclosed data.
To exploit any of these vulnerabilities, an attacker must be able to run crafted or script code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector from which to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor.
A Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as the operating system or hypervisor, is patched against the vulnerabilities in question.
Although Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. See the Affected Products [“#ap”] section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services.
Cisco will release software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJbcyDfXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczJ3gQAJomL0QxgA3+wjXI4Nfm1Z3bTEgy
QN6uuroB7nessBKliCH10FkgcRvjXq7DZEprl/IoRYwt1HLD5i7n5q8UEJPdLxmx
h2mlqGvhC38jxy3g39HFMAgvC3rr1FXvpkmR/J4sfnqbPNaxZMTmLYZIF5GzDhSb
L6DpvXOruXSIzr3JL6NYFP7q5p4gRB7EAb2nSXZ0YdQOHK3alNik2MpzO890njdb
18JxjS+KgcLpcOBN9bxGdiQjR0b3hzQ5+t1MfBINeaqmqEDgM2Q+HaUtzVHclNuT
x1NzPtrzMa2S5XMQyY2/xFnb1OjmNSCFZXZ/4Jsey7kGQOyghbvHImqiF83ZJUoT
wwk0yFfZqG5nC3apEATNPkr+fWXc4jEGlpixxlCP0lz9YdmvGXV75jt2pDhPbnE1
dlOxV3goH0e081sDPal2UfAxL7KjA8Np7+L+utm75MOep4QPaHb0KVCq+nfE6XBe
P16Svk/8VYKdqyNMmvZJBv4+veaMq5MObFdEbxmSFRWFZOK6idEJa7bStpb2PEmm
Zvlok45w0o6oC4qaDN0mbet+oiIdUVerhSkh9yPSyH5BY1r8sLJGfg41VSjk3WcL
APec1ufh9huKefH8eOvGEfp+kxgwOEhYOzg6yfVrSJ2xRlX19qnEW4VA2RgXvgzR
nLN320UMc7kKFNHR
=8gDf
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com