Tuesday, August 14, 2018

SPARC Immune: L1TF vulnerabilities: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

SPARC Immune: L1TF vulnerabilities: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646


Abstract:

Intel has been hit repeatedly by massive numbers of CPU bugs, affecting everything from tablets, to laptops, to desktops, to servers. The latest is called L1TF, and SPARC is immune.

Description:

Oracle describes a set of vulnerabilities in the Intel processors.

These L1 Terminal Fault (L1TF) vulnerabilities affect a number of Intel processors, and they have received three CVE identifiers:
  • CVE-2018-3615 impacts Intel Software Guard Extensions (SGX) and has a CVSS Base Score of 7.9.
  • CVE-2018-3620 impacts operating systems and System Management Mode (SMM) running on Intel processors and has a CVSS Base Score of 7.1.
  • CVE-2018-3646 impacts virtualization software and Virtual Machine Monitors (VMM) running on Intel processors and has a CVSS Base Score of 7.1
Once again, SPARC is immune.

Conclusion:

As life continues in the world of telecommunications & data center, there is still one safe choice for high performing systems: SPARC.