After Spectre and Meltdown, Intel Discloses L1 Terminal Fault Vulnerability

👤by Michael Pabia Comments 📅15.08.2018 13:32:31


Intel discloses a new vulnerability recently identified speculative execution side-channel method called L1 Terminal Fault (L1TF) which affects select Intel microprocessor products that support the Intel Software Guard Extension (Intel SGX). Further research of the Intel security team was able to identify two related applications of the L1 Terminal Fault with the potential to impact other microprocessors, virtualization software, and operating systems. While Intel hasn’t received reports that these vulnerabilities have been used in real-world exploits, Intel emphasizes the importance to adhere to security best practices at all times.

About L1 Terminal Fault


All three applications of L1TF are speculative execution side channel cache timing vulnerabilities. In this regard, they are similar to previously reported variants. These particular methods target access to the L1 data cache, a small pool of memory within each processor core designed to store information about what the processor core is most likely to do next. Learn more about the L1 Terminal Fault vulnerability on the video below:





Learn more about L1TF at Intel’s Security Centre. You can also check Intel’s white paper here.

Bug Bounty Program Expanded


Amidst the discoveries of new vulnerabilities, Intel expands its Bug Bounty Program along with higher rewards, offering a new program focused specifically on side channel vulnerabilities through Dec. 31, 2018. The award for disclosures under this program is up to $250,000. Intel also raised bounty awards across the board, with awards of up to $100,000 for other areas.

      Please share your thoughts by commenting below!

Comments

Recent Stories

« Cooler Master Intros MasterLiquid ML360R Liquid CPU Cooler · After Spectre and Meltdown, Intel Discloses L1 Terminal Fault Vulnerability · Tech Round Up – 15-08-2018 »