CVE-2018-3615
MEDIUMIntel Core i3 and Core i5 - Information Disclosure via L1 Data Cache Side-Channel Analysis
Title source: llmDescription
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
References (17)
Core 17
Core References
Vendor Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
Vendor Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
Third Party Advisory third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/982149
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041451
Third Party Advisory x_refsource_confirm
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105080
Technical Description, Third Party Advisory x_refsource_misc
https://foreshadowattack.eu/
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20180815-0001/
Third Party Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
Third Party Advisory x_refsource_confirm
https://support.f5.com/csp/article/K35558453
Third Party Advisory x_refsource_confirm
http://support.lenovo.com/us/en/solutions/LEN-24163
Third Party Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
Third Party Advisory x_refsource_confirm
https://www.synology.com/support/security/Synology_SA_18_45
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
Third Party Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
Mitigation, Vendor Advisory x_refsource_confirm
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
Scores
CVSS v3
6.4
EPSS
0.0171
EPSS Percentile
82.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
Details
CWE
CWE-203
Status
published
Products (50)
intel/core_i3
6006u
intel/core_i3
6098p
intel/core_i3
6100
intel/core_i3
6100e
intel/core_i3
6100h
intel/core_i3
6100t
intel/core_i3
6100te
intel/core_i3
6100u
intel/core_i3
6102e
intel/core_i3
6157u
... and 40 more
Published
Aug 14, 2018
Tracked Since
Feb 18, 2026