FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure

Affected packages
11.2 <= FreeBSD-kernel < 11.2_2
11.1 <= FreeBSD-kernel < 11.1_13

Details

VuXML ID 2310b814-a652-11e8-805b-a4badb2f4699
Discovery 2018-08-14
Entry 2018-08-22

Problem Description:

On certain Intel 64-bit x86 systems there is a period of time during terminal fault handling where the CPU may use speculative execution to try to load data. The CPU may speculatively access the level 1 data cache (L1D). Data which would otherwise be protected may then be determined by using side channel methods.

This issue affects bhyve on FreeBSD/amd64 systems.

Impact:

An attacker executing user code, or kernel code inside of a virtual machine, may be able to read secret data from the kernel or from another virtual machine.

References

CVE Name CVE-2018-3620
CVE Name CVE-2018-3646
FreeBSD Advisory SA-18:09.l1tf