L1TF 情報 – VMware

CVE numbers

• CVE-2018-3646 - L1 Terminal Fault - VMM
• CVE-2018-3620 - L1 Terminal Fualt - OS
• CVE-2018-3615 - L1 Terminal Fault - SGX

VMware Security Advisories (VMSA)

• VMSA-2018-20 - VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability.
• VMSA-2018-21 - Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances.

Knowledge Base (KB)

• KB55636 - VMware Overview of ‘L1 Terminal Fault’ (L1TF) Speculative-Execution vulnerabilities in Intel processors: CVE-2018-3646, CVE-2018-3620, and CVE-2018-3615 (55636)
• KB55806 - VMware response to ‘L1 Terminal Fault - VMM’ (L1TF - VMM) Speculative-Execution vulnerability in Intel processors for vSphere: CVE-2018-3646 (55806)
• KB57138 - VMware response to ‘L1 Terminal Fault - VMM’ (L1TF - VMM) Speculative-Execution vulnerability in Intel processors for VMware Workstation and Fusion: CVE-2018-3646 (57138)
• KB55807 - VMware response to ‘L1 Terminal Fault - OS’ (L1TF - OS) Speculative-Execution vulnerability for VMware Virtual Appliances: CVE-2018-3620 (55807)
• KB54913 - VMware Products and Intel® Software Guard Extensions (Intel® SGX) (54913)
• KB56931 - HTAware Mitigation Tool Overview and Usage (56931)
• KB55767 - VMware Performance Impact Statement for ‘L1 Terminal Fault - VMM’ (L1TF - VMM) mitigations: CVE-2018-3646 (55767)
• KB55808 - VMware response to ‘L1 Terminal Fault’ (L1TF) Speculative-Execution vulnerabilities in Intel processors for VMware SaaS offerings: CVE-2018-3646 and CVE-2018-362 (55808)
• KB57374 - “esx.problem.hyperthreading.unmitigated” notification displayed in vCenter Server after applying updates for CVE-2018-3646 (57374)

VMware Blog

• VMware Security Advisory VMSA-2018-0020 and VMSA-2018-0021 – L1 Terminal Fault (L1TF): CVE-2018-3646, CVE-2018-3620, and CVE-2018-3615