FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Lazy FPU State Restore Information Disclosure

Affected packages
11.1 <= FreeBSD-kernel < 11.1_11


VuXML ID 4e07d94f-75a5-11e8-85d1-a4badb2f4699
Discovery 2018-06-21
Entry 2018-06-21

Problem Description:

A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used.


Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present.


CVE Name CVE-2018-3665
FreeBSD Advisory SA-18:07.lazyfpu