Ubuntu, Debian, RHEL, and CentOS Linux Now Patched Against "Foreshadow" Attacks
A new Spectre-like flaw affects Intel x86 CPUs once again, called L1 Terminal Fault (L1TF) or Foreshadow, and patches are now available for the most popular Linux-based operating systems.
Both Canonical and Red Hat emailed us with regards to the L1 Terminal Fault security vulnerability, which are documented as CVE-2018-3620 for operating systems and System Management Mode (SMM), CVE-2018-3646 for impacts to virtualization, as well as CVE-2018-3615 for Intel Software Guard Extensions (Intel SGX). They affect all Linux-based operating system and machines with Intel CPUs.
“It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This … (read more)